Cited By
View all- Gao YDu RWang XLi RLi MWang Z(2024)DRC-EDI: An integrity protection scheme based on data right confirmation for mobile edge computingJournal of Computer Security10.3233/JCS-22010332:4(405-423)Online publication date: 26-Aug-2024
Survey and a New Taxonomy of Proofs of Retrievability on the Cloud Storage
Authors: 
Abdel Ali Harchaoui, Ali Younes, Abdelaaziz El Hibaoui, Ahmed BendahmaneAuthors Info & Claims
Abdel Ali Harchaoui, Ali Younes, Abdelaaziz El Hibaoui, Ahmed BendahmaneAuthors Info & ClaimsArticle No.: 54, Pages 1 - 8
Abstract
Proof of Retrievability (PoR) is a technique used to ensure the authenticity of data on outsourced storage services. It improves the soundness and the robustness of the data integrity scheme and allows clients to recover the remote data. Under the circumstance of considering untrusted parties including the Cloud Storage Provider (CSP) and Third Party Authenticator (TPA), incorporating PoR and zero-knowledge Proofs, which is another technique used to allow a prover to convince a verifier that a secret exists without revealing the secret itself, will ensure client integrity verification, strengthen privacy, and improve fairness to both sides. In this paper, we present, on one hand, the state-of-the-art of PoR under zero-knowledge constructs following an existing data integrity scheme taxonomy of cloud storage. We analyze the PoR scheme formalism and its similarities with zero-knowledge concepts, in addition to the techniques used to settle robustness and zero-knowledge proofs methods. On the other hand, we propose our improved taxonomy of proofs of retrievability enriched by the zero-knowledge, the cryptography model, and the cryptographic setup. The proposed taxonomy equips researchers with a tool to think about the PoR scheme from those perspectives. In the end, we state some fruitful lines of works that PoR can take advantage of; i.e Bulletproofs, Interactive Oracle Proofs, and Interactive Oracle Proofs of Proximity For Reed-Solomon.
References
[1]
Dino Macedo Amaral, Joao J. C. Gondim, Robson De Oliveira Albuquerque, Ana Lucila Sandoval Orozco, and Luis Javier Garcia Villalba. 2019. Hy-SAIL: Hyper-Scalability, Availability and Integrity Layer for Cloud Storage Systems. IEEE Access 7(2019), 90082–90093. https://doi.org/10.1109/ACCESS.2019.2925735
[2]
Frederik Armknecht, Ludovic Barman, Jens-Matthias Bohli, and Ghassan O. Karame. 2016. Mirror: Enabling Proofs of Data Replication and Retrievability in the Cloud. In 25th ${$USENIX$}$ Security Symposium (${$USENIX$}$ Security 16). 1051–1068.
[3]
Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Lea Kissner, Zachary Peterson, and Dawn Song. 2007. Provable Data Possession at Untrusted Stores. In Proceedings of the 14th ACM Conference on Computer and Communications Security. 598–609.
[4]
László Babai, Lance Fortnow, Leonid A. Levin, and Mario Szegedy. 1991. Checking Computations in Polylogarithmic Time. In Proceedings of the Twenty-Third Annual ACM Symposium on Theory of Computing(STOC ’91). Association for Computing Machinery, New York, NY, USA, 21–32. https://doi.org/10.1145/103418.103428
[5]
Michael Bartock, Karen Scarfone, Murugiah Souppaya, Harmeet Singh, Rajeev Ghandi, Laura Storey, Anthony Dukes, Jeff Haskins, Carlos Phoenix, and Brenda Swarts. 2020. Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments. Technical Report. National Institute of Standards and Technology.
[6]
Mihir Bellare and Oded Goldreich. 1992. On Defining Proofs of Knowledge. In Annual International Cryptology Conference. Springer, 390–420.
[7]
Mihir Bellare and Phillip Rogaway. 1993. Random Oracles Are Practical: A Paradigm for Designing Efficient Protocols. In Proceedings of the 1st ACM Conference on Computer and Communications Security(CCS ’93). Association for Computing Machinery, New York, NY, USA, 62–73. https://doi.org/10.1145/168588.168596
[8]
Eli Ben-Sasson, Iddo Bentov, Yinon Horesh, and Michael Riabzev. 2018. Fast Reed-Solomon Interactive Oracle Proofs of Proximity. In 45th International Colloquium on Automata, Languages, and Programming (Icalp 2018). Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik.
[9]
Eli Ben-Sasson, Alessandro Chiesa, and Nicholas Spooner. 2016. Interactive Oracle Proofs. In TCC (B2). Springer, 31–60. https://doi.org/10.1007/978-3-662-53644-5_2
[10]
Tan Choon Beng, Mohd Hanafi Ahmad Hijazi, and Yuto Lim. 2017. Partial Binary Encoding for Slepian-Wolf Based Proof of Retrievability. In 2017 IEEE 15th Student Conference on Research and Development (SCOReD). IEEE, Putrajaya, 50–55. https://doi.org/10.1109/SCORED.2017.8305422
[11]
M. Blum, W. Evans, P. Gemmell, S. Kannan, and M. Naor. 1994. Checking the Correctness of Memories. Algorithmica 12, 2-3 (Sept. 1994), 225–244. https://doi.org/10.1007/BF01185212
[12]
Kevin Bowers, Ari Juels, and Alina Oprea. 2008. Proofs of Retrievability: Theory and Implementation.IACR Cryptology ePrint Archive 2008 (Jan. 2008), 175.
[13]
Kevin D. Bowers, Ari Juels, and Alina Oprea. 2009. HAIL: A High-Availability and Integrity Layer for Cloud Storage. In Proceedings of the 16th ACM Conference on Computer and Communications Security. 187–198.
[14]
Kevin D. Bowers, Ari Juels, and Alina Oprea. 2009. Proofs of Retrievability: Theory and Implementation. In Proceedings of the 2009 ACM Workshop on Cloud Computing Security. 43–54.
[15]
Benedikt Bünz, Jonathan Bootle, Dan Boneh, Andrew Poelstra, Pieter Wuille, and Greg Maxwell. 2017. Bulletproofs: Short Proofs for Confidential Transactions and More. Technical Report 1066.
[16]
David Cash, Alptekin Kupcu, and Daniel Wichs. 2012. Dynamic Proofs of Retrievability via Oblivious RAM. Technical Report 550.
[17]
Bo Chen and Reza Curtmola. 2012. Robust Dynamic Remote Data Checking for Public Clouds. In Proceedings of the 2012 ACM Conference on Computer and Communications Security - CCS ’12. ACM Press, Raleigh, North Carolina, USA, 1043. https://doi.org/10.1145/2382196.2382319
[18]
Bo Chen, Reza Curtmola, Giuseppe Ateniese, and Randal Burns. 2010. Remote Data Checking for Network Coding-Based Distributed Storage Systems. In Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop - CCSW ’10. ACM Press, Chicago, Illinois, USA, 31. https://doi.org/10.1145/1866835.1866842
[19]
Dwaine Clarke, G. Edward Suh, Blaise Gassend, Ajay Sudan, Marten Van Dijk, and Srinivas Devadas. 2005. Towards Constant Bandwidth Overhead Integrity Checking of Untrusted Data. In 2005 IEEE Symposium on Security and Privacy (S&P’05). IEEE, 139–153.
[20]
Ivan Damgård and Maciej Koprowski. 2002. Generic Lower Bounds for Root Extraction and Signature Schemes in General Groups. In Advances in Cryptology - EUROCRYPT 2002, International Conference on the Theory and Applications of Cryptographic Techniques, Amsterdam, the Netherlands, April 28 - May 2, 2002, Proceedings(Lecture Notes in Computer Science, Vol. 2332). Springer, 256–271. https://doi.org/10.1007/3-540-46035-7_17
[21]
Yves Deswarte, Jean-Jacques Quisquater, and Ayda Saïdane. 2003. Remote Integrity Checking. In Working Conference on Integrity and Internal Control in Information Systems. Springer, 1–11.
[22]
Hoang Giang Do and Wee Keong Ng. 2017. Blockchain-Based System for Secure Data Storage with Private Keyword Search. In 2017 IEEE World Congress on Services (SERVICES). IEEE, Honolulu, HI, USA, 90–93. https://doi.org/10.1109/SERVICES.2017.23
[23]
Amos Fiat and Adi Shamir. 1986. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. In Advances in Cryptology - CRYPTO ’86, Santa Barbara, California, USA, 1986, Proceedings(Lecture Notes in Computer Science, Vol. 263). Springer, 186–194. https://doi.org/10.1007/3-540-47721-7_12
[24]
Anmin Fu, Yuhan Li, Shui Yu, Yan Yu, and Gongxuan Zhang. 2018. DIPOR: An IDA-Based Dynamic Proof of Retrievability Scheme for Cloud Storage Systems. Journal of Network and Computer Applications 104 (2018), 97–106.
[25]
Shafi Goldwasser, Silvio Micali, and Charles Rackoff. 1989. The Knowledge Complexity of Interactive Proof Systems. SIAM Journal on computing 18, 1 (1989), 186–208.
[26]
Christian A. Gorke, Christian Janson, Frederik Armknecht, and Carlos Cid. 2017. Cloud Storage File Recoverability. In Proceedings of the Fifth ACM International Workshop on Security in Cloud Computing. ACM, Abu Dhabi United Arab Emirates, 19–26. https://doi.org/10.1145/3055259.3055264
[27]
Wei Guo, Sujuan Qin, Jun Lu, Fei Gao, Zhengping Jin, and Qiaoyan Wen. 2020. Improved Proofs Of Retrievability And Replication For Data Availability In Cloud Storage. Comput. J. (2020).
[28]
Ari Juels and Burton S. Kaliski Jr. 2007. PORs: Proofs of Retrievability for Large Files. In Proceedings of the 14th ACM Conference on Computer and Communications Security. 584–597.
[29]
\Lukasz Krzywiecki and Miros\law Kuty\lowski. 2012. Proof of Possession for Cloud Storage via Lagrangian Interpolation Techniques. In International Conference on Network and System Security. Springer, 305–319.
[30]
Yuhan Li, Anmin Fu, Yan Yu, and Gongxuan Zhang. 2017. IPOR: An Efficient IDA-Based Proof of Retrievability Scheme for Cloud Storage Systems. In 2017 IEEE International Conference on Communications (ICC). IEEE, 1–6.
[31]
Petar Maymounkov. 2002. Online Codes. (Dec. 2002).
[32]
Silvio Micali. 2000. Computationally Sound Proofs. SIAM J. Comput. 30, 4 (Jan. 2000), 1253–1298. https://doi.org/10.1137/S0097539795284959
[33]
Maura B. Paterson, Douglas R. Stinson, and Jalaj Upadhyay. 2018. Multi-Prover Proof of Retrievability. Journal of Mathematical Cryptology 12, 4 (Dec. 2018), 203–220. https://doi.org/10.1515/jmc-2018-0012
[34]
Suchetha R Pujar, Shilpa S Chaudhari, and Aparna R. 2020. Survey on Data Integrity and Verification for Cloud Storage. In 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT). IEEE, Kharagpur, India, 1–7. https://doi.org/10.1109/ICCCNT49239.2020.9225594
[35]
Irving S. Reed and Gustave Solomon. 1960. Polynomial Codes over Certain Finite Fields. Journal of the society for industrial and applied mathematics 8, 2(1960), 300–304.
[36]
Zhengwei Ren, Lina Wang, Qian Wang, and Mingdi Xu. 2018. Dynamic Proofs of Retrievability for Coded Cloud Storage Systems. IEEE Trans. Serv. Comput. 11, 4 (July 2018), 685–698. https://doi.org/10.1109/TSC.2015.2481880
[37]
Claus-Peter Schnorr. 1989. Efficient Identification and Signatures for Smart Cards. In Advances in Cryptology - CRYPTO ’89, 9th Annual International Cryptology Conference, Santa Barbara, California, USA, August 20-24, 1989, Proceedings(Lecture Notes in Computer Science, Vol. 435). Springer, 239–252. https://doi.org/10.1007/0-387-34805-0_22
[38]
Hovav Shacham and Brent Waters. 2008. Compact Proofs of Retrievability. In International Conference on the Theory and Application of Cryptology and Information Security. Springer, 90–107.
[39]
Mehdi Sookhak, Hamid Talebian, Ejaz Ahmed, Abdullah Gani, and Muhammad Khurram Khan. 2014. A Review on Remote Data Auditing in Single Cloud Server: Taxonomy and Open Issues. Journal of Network and Computer Applications 43 (Aug. 2014), 121–141. https://doi.org/10.1016/j.jnca.2014.04.011
[40]
Statista. 2017. Public Cloud Infrastructure Spending Worldwide 2015-2026. Technical Report.
[41]
F. O. Sullivan. 2018. Top Ten Major Risks Associated with Cloud Storage.
[42]
Choon Beng Tan, Mohd Hanafi Ahmad Hijazi, Yuto Lim, and Abdullah Gani. 2018. A Survey on Proof of Retrievability for Cloud Data Integrity and Availability: Cloud Storage State-of-the-Art, Issues, Solutions and Future Trends. Journal of Network and Computer Applications 110 (2018), 75–86.
[43]
Tran Phuong Thao, Lee Chin Kho, and Azman Osman Lim. 2014. SW-POR: A Novel POR Scheme Using Slepian-Wolf Coding for Cloud Storage. In 2014 IEEE 11th Intl Conf on Ubiquitous Intelligence and Computing and 2014 IEEE 11th Intl Conf on Autonomic and Trusted Computing and 2014 IEEE 14th Intl Conf on Scalable Computing and Communications and Its Associated Workshops. IEEE, Bali, Indonesia, 464–472. https://doi.org/10.1109/UIC-ATC-ScalCom.2014.11
[44]
Qian Wang, Cong Wang, Jin Li, Kui Ren, and Wenjing Lou. 2009. Enabling Public Verifiability and Data Dynamics for Storage Security. Technical Report 281.
[45]
Tao Wang, Bo Yang, Hongyu Liu, Yong Yu, Guoyong Qiu, and Zhe Xia. 2019. An Alternative Approach to Public Cloud Data Auditing Supporting Data Dynamics. Soft Comput 23, 13 (July 2019), 4939–4953. https://doi.org/10.1007/s00500-018-3155-4
[46]
Lifei Wei, Haojin Zhu, Zhenfu Cao, Xiaolei Dong, Weiwei Jia, Yunlu Chen, and Athanasios V. Vasilakos. 2014. Security and Privacy for Storage and Computation in Cloud Computing. Information sciences 258(2014), 371–386.
[47]
Jiawei Yuan and Shucheng Yu. 2015. Pcpor: Public and Constant-Cost Proofs of Retrievability in Cloud1. Journal of Computer Security 23, 3 (2015), 403–425.
[48]
Faheem Zafar, Abid Khan, Saif Ur Rehman Malik, Mansoor Ahmed, Adeel Anjum, Majid Iqbal Khan, Nadeem Javed, Masoom Alam, and Fuzel Jamil. 2017. A Survey of Cloud Computing Data Integrity Schemes: Design Challenges, Taxonomy and Future Trends. Computers & Security 65(2017), 29–49.
[49]
Faen Zhang, Xinyu Fan, Xiang Lei, Jiahong Wu, Jianfei Song, Jiashui Huang, Jingming Guo, and Chao Tong. 2020. Zero Knowledge Proofs for Cloud Storage Integrity Checking. In 2020 39th Chinese Control Conference (CCC). IEEE, 7661–7668.
[50]
Qingji Zheng and Shouhuai Xu. 2011. Fair and Dynamic Proofs of Retrievability. In Proceedings of the First ACM Conference on Data and Application Security and Privacy. 237–248.
[51]
Yan Zhu, Huaixi Wang, ZeXing Hu, Gail-Joon Ahn, and HongXin Hu. 2011. Zero-Knowledge Proofs of Retrievability. Science China Information Sciences 54, 8 (2011), 1608.
Recommendations
Outsourced Proofs of Retrievability
CCS '14: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications SecurityProofs of Retrievability (POR) are cryptographic proofs that enable a cloud provider to prove that a user can retrieve his file in its entirety. POR need to be frequently executed by the user to ensure that their files stored on the cloud can be fully ...
Sharing Proofs of Retrievability across Tenants
ASIA CCS '17: Proceedings of the 2017 ACM on Asia Conference on Computer and Communications SecurityProofs of Retrievability (POR) are cryptographic proofs which provide assurance to a single tenant (who creates tags using his secret material) that his files can be retrieved in their entirety. However, POR schemes completely ignore storage-efficiency ...
Towards efficient proofs of retrievability
ASIACCS '12: Proceedings of the 7th ACM Symposium on Information, Computer and Communications SecurityProofs of Retrievability (POR) is a cryptographic formulation for remotely auditing the integrity of files stored in the cloud, without keeping a copy of the original files in local storage. In a POR scheme, a user Alice backups her data file together ...
Comments
Information & Contributors
Information
Published In
April 2021
410 pages
ISBN:9781450388719
DOI:10.1145/3454127
Copyright © 2021 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 26 November 2021
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
NISS2021
NISS2021: The 4th International Conference on Networking, Information Systems & Security.
April 1 - 2, 2021
AA, KENITRA, Morocco
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 75Total Downloads
- Downloads (Last 12 months)13
- Downloads (Last 6 weeks)0
Reflects downloads up to 05 Mar 2025
Other Metrics
Citations
Cited By
View all- Gao YDu RWang XLi RLi MWang Z(2024)DRC-EDI: An integrity protection scheme based on data right confirmation for mobile edge computingJournal of Computer Security10.3233/JCS-22010332:4(405-423)Online publication date: 26-Aug-2024
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign inFull Access
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderHTML Format
View this article in HTML Format.
HTML Format