Abstract
Cloud computing is deemed the next-generation information technology (IT) platform, in which a data center is crucial for providing a large amount of computing and storage resources for various service applications with high quality guaranteed. However, cloud users no longer possess their data in a local data storage infrastructure, which would result in auditing for the integrity of outsourced data being a challenging problem, especially for users with constrained computing resources. Therefore, how to help the users complete the verification of the integrity of the outsourced data has become a key issue. Public verification is a critical technique to solve this problem, from which the users can resort to a third-party auditor (TPA) to check the integrity of outsourced data. Moreover, an identity-based (ID-based) public key cryptosystem would be an efficient key management scheme for certificate-based public key setting. In this paper, we combine ID-based aggregate signature and public verification to construct the protocol of provable data integrity. With the proposed mechanism, the TPA not only verifies the integrity of outsourced data on behalf of cloud users, but also alleviates the burden of checking tasks with the help of users’ identity. Compared to previous research, the proposed scheme greatly reduces the time of auditing a single task on the TPA side. Security analysis and performance evaluation results show the high efficiency and security of the proposed scheme.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Ateniese, G., Burns, R., Curtmola, R., et al., 2007. Provable data possession at untrusted stores. Proc. 14th ACM Conf. on Computer and Communications Security, p.598–609. [doi:10.1145/1315245.1315318]
Ateniese, G., di Pietro, R., Mancini, L.V., et al., 2008. Scalable and efficient provable data possession. Proc. 4th Int. Conf. on Security and Privacy in Communication Networks, Article 9. [doi:10.1145/1460877.1460889]
Ateniese, G., Burns, R., Curtmola, R., et al., 2011. Remote data checking using provable data possession. ACM Trans. Inform. Syst. Secur., 14(1):1–12. [doi:10.1145/ 1952982.1952994]
Boneh, D., Boyen, X., 2004. Efficient selective-ID secure identity-based encryption without random oracles. Advances in Cryptology-EUROCRYPT, p.223–238.
Boneh, D., Franklin, M., 2001. Identity-based encryption from the weil pairing. Advances in Cryptology-CRYPTO, p.213–229.
Boneh, D., Boyen, X., Goh, E.J., 2005. Hierarchical identity based encryption with constant size ciphertext. Advances in Cryptology-EUROCRYPT, p.440–456. [doi:10.1007/11426639_26]
Chen, B., Curtmola, R., 2012. Robust dynamic provable data possession. 32nd Int. Conf. on Distributed Computing Systems Workshops, p.515–525. [doi:10. 1109/ICDCSW.2012.57]
Erway, C., Kupcu, A., Papamanthou, C., et al., 2009. Dynamic provable data possession. Proc. 16th ACM Conf. on Computer and Communications Security, p.213–222. [doi:10.1145/1653662.1653688]
Gartner, 2010. Gartner Identifies the Top 10 Strategic Technologies for 2011. Available from http://www.gartner.com/newsroom/id/1454221
Gentry, C., Ramzan, Z., 2006. Identity-based aggregate signatures. Public Key Cryptography, p.257–273.
Gentry, C., Silverberg, A., 2002. Hierarchical ID-based cryptography. Advances in Cryptology-CRYPTO, p.548–566.
Hao, Z., Zhong, S., Yu, N.H., 2011. A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. IEEE Trans. Knowl. Data Eng., 23(9):1432–1437. [doi:10.1109/TKDE.2011.62]
Hashizume, K., Rosado, D.G., Fernandez-Medina, E., et al., 2013. An analysis of security issues for cloud computing. J. Internet Serv. Appl., 4:5. [doi:10.1186/1869-0238-4-5]
Hochmuth, P., Richmond, C., Hudson, S., et al., 2013. 2013 U.S. Cloud Security Survey. Technical Report No. 242836, International Data Corporation (IDC), USA. Available from http://www.idc.com/getdoc.jsp? containerId=242836.
Juels, A., Kaliski, B.S.Jr., 2007. Pors: proofs of retrievability for large files. Proc. 14th ACM Conf. on Computer and Communications Security, p.584–597. [doi:10.1145/1315245.1315317]
Khan, A., Kiah, M.L.M., Khan, S.U., et al., 2013a. A study of incremental cryptography for security schemes in mobile cloud computing environments. IEEE Symp. on Wireless Technology and Applications, p.62–67. [doi:10.1109/ISWTA.2013.6688818]
Khan, A., Othman, M., Madani, S.A., et al., 2013b. A survey of mobile cloud computing application models. IEEE Commun. Surv. Tutor., 16(1):393–413. [doi:10.1109/SURV.2013.062613.00160]
Lokantas, F., Salonu, H.S., 2013. IDC’s Cloud Computing and Datacenter Roadshow 2013. Available from http://idc-cema.com/eng/events/50527-idc-scloud-computing-and-datacenter-roadshow-2013.
Mell, P., Grance, T., 2009. The NIST Definition of Cloud Computing. Technical Report No. SP 800-145, National Institute of Standards and Techninology (NIST), USA.
Ristenpart, T., Tromer, E., Shacham, H., et al., 2009. Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. Proc. 16th ACM Conf. on Computer and Communications Security, p.199–212. [doi:10.1145/1653662.1653687]
Shacham, H., Waters, B., 2008. Compact proofs of retrievability. Advances in Cryptology-ASIACRYPT, p.90–107.
Shacham, H., Waters, B., 2013. Compact proofs of retrievability. J. Cryptol., 26(3):442–483. [doi:10.1007/s00145-012-9129-2]
Shamir, A., 1985. Identity-based cryptosystems and signature schemes. Advances in Cryptology-ASIACRYPT, p.47–53. [doi:10.1007/3-540-39568-7_5]
Wang, C., Wang, Q., Ren, K., et al., 2009. Ensuring data storage security in cloud computing. 17th Int. Workshop on Quality of Service, p.1–9. [doi:10.1109/IWQoS.2009.5201385]
Wang, C., Wang, Q., Ren, K., et al., 2010. Privacypreserving public auditing for data storage security in cloud computing. Proc. IEEE INFOCOM, p.1–9. [doi:10.1109/INFCOM.2010.5462173]
Wang, C., Wang, Q., Ren, K., et al., 2012. Toward secure and dependable storage services in cloud computing. IEEE Trans. Serv. Comput., 5(2):220–232. [doi:10.1109/TSC.2011.24]
Wang, C., Chow, S., Wang, Q., et al., 2013. Privacypreserving public auditing for secure cloud storage. IEEE Trans. Comput., 62(2):362–375. [doi:10.1109/TC.2011.245]
Wang, Q., Wang, C., Li, J., et al., 2009. Enabling public verifiability and data dynamics for storage security in cloud computing. Computer Security-ESORICS, p.355–370. [doi:10.1007/978-3-642-04444-1_22]
Waters, B., 2005. Efficient identity-based encryption without random oracles. Advances in Cryptology-EUROCRYPT, p.114–127. [doi:10.1007/11426639_7]
Zhu, Y., Hu, H.X., Ahn, G.J., et al., 2011a. Collaborative integrity verification in hybrid clouds. 7th Int. Conf. on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), p.191–200.
Zhu, Y., Wang, H.X., Hu, Z.X., et al., 2011b. Zero-knowledge proofs of retrievability. Sci. China Inform. Sci., 54(8):1608–1617. [doi:10.1007/s11432-011-4293-9]
Author information
Authors and Affiliations
Corresponding author
Additional information
Project supported by the National Natural Science Foundation of China (Nos. 60933005 and 91124002), the National High-Tech R&D Program (863) of China (Nos. 2010AA012505, 2011AA010702, 2012AA01A401, and 2012AA01A402), the National 242 Foundation (No. 2011A010), and the National Technology Support Foundation (Nos. 2012BAH38B04 and 2012BAH38B06)
Rights and permissions
About this article
Cite this article
Tan, S., Jia, Y. NaEPASC: a novel and efficient public auditing scheme for cloud data. J. Zhejiang Univ. - Sci. C 15, 794–804 (2014). https://doi.org/10.1631/jzus.C1400045
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1631/jzus.C1400045