logo

SCIENCE CHINA Information Sciences, Volume 62 , Issue 3 : 032104(2019) https://doi.org/10.1007/s11432-018-9462-0

Identity-based public auditing for cloud storage systems against malicious auditors via blockchain

More info
  • ReceivedFeb 26, 2018
  • AcceptedMay 22, 2018
  • PublishedJan 24, 2019

Abstract


Acknowledgment

This work was supported by National Key RD Program of China (Grant No. 2017YFB- 0802000), and National Natural Science Foundation of China (Grant No. 61370203).


References

[1] Wang C, Wang Q, Ren K, et al. Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of INFOCOM, San Diego, 2010. Google Scholar

[2] Wang C, Chow S S M, Wang Q. Privacy-Preserving Public Auditing for Secure Cloud Storage. IEEE Trans Comput, 2013, 62: 362-375 CrossRef Google Scholar

[3] Ni J, Yu Y, Mu Y. On the Security of an Efficient Dynamic Auditing Protocol in Cloud Storage. IEEE Trans Parallel Distrib Syst, 2014, 25: 2760-2761 CrossRef Google Scholar

[4] Ateniese G, Burns R, Curtmola R, et al. Provable data possession at untrusted stores. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, Alexandria, 2007. 598--609. Google Scholar

[5] Zhang Y, Xu C, Li H. HealthDep: An Efficient and Secure Deduplication Scheme for Cloud-Assisted eHealth Systems. IEEE Trans Ind Inf, 2018, 14: 4101-4112 CrossRef Google Scholar

[6] Wang Q, Wang C, Li J, et al. Enabling public verifiability and data dynamics for storage security in cloud computing. In: Proceedings of European symposium on research in computer security, Saint-Malo, 2009. 355--370. Google Scholar

[7] Zhang J H, Dong Q C. Efficient ID-based public auditing for the outsourced data in cloud storage. Inform Sciences, 2016, 343: 1--14. Google Scholar

[8] Armknecht F, Bohli J, Karame G, et al. Outsourced proofs of retrievability. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, 2014. 831--843. Google Scholar

[9] Juels A, Kaliski B. PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM conference on computer and communications security, Alexandria, 2007. 584--597. Google Scholar

[10] Shacham H, Waters B. Compact proofs of retrievability. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security, Melbourne, 2008. 90--107. Google Scholar

[11] Worku S G, Xu C, Zhao J. Cloud data auditing with designated verifier. Front Comput Sci, 2014, 8: 503-512 CrossRef Google Scholar

[12] Worku S G, Xu C X, Zhao J N, et al. Secure and efficient privacy-preserving public auditing scheme for cloud storage. Computers & Electrical Engineering, 2014, 40: 1703--1713. Google Scholar

[13] Zhao J N, Xu C X, Li F G, et al. Identity-based public verification with privacy-preserving for data storage security in cloud computing. IEICE Trans Fund Electron, 2013, 96: 2709--2716. Google Scholar

[14] Liu C, Chen J, Yang L T. Authorized Public Auditing of Dynamic Big Data Storage on Cloud with Efficient Verifiable Fine-Grained Updates. IEEE Trans Parallel Distrib Syst, 2014, 25: 2234-2244 CrossRef Google Scholar

[15] Shen J, Shen J, Chen X. An Efficient Public Auditing Protocol With Novel Dynamic Structure for Cloud Data. IEEE Trans Inf Forensic Secur, 2017, 12: 2402-2415 CrossRef Google Scholar

[16] Zhang Y, Xu C, Liang X. Efficient Public Verification of Data Integrity for Cloud Storage Systems from Indistinguishability Obfuscation. IEEE Trans Inf Forensic Secur, 2017, 12: 676-688 CrossRef Google Scholar

[17] Zhang Y, Xu C X, Li H W, et al. Cryptographic public verification of data integrity for cloud storage systems. IEEE Cloud Comput, 2016, 3: 44--52. Google Scholar

[18] Wang B Y, Li B C, Li H. Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans Cloud Comput, 2014, 2: 43-56 CrossRef Google Scholar

[19] Wang B, Li B, Li H. Panda: Public Auditing for Shared Data with Efficient User Revocation in the Cloud. IEEE Trans Serv Comput, 2015, 8: 92-106 CrossRef Google Scholar

[20] Yuan J W, Yu S C. Public Integrity Auditing for Dynamic Data Sharing With Multiuser Modification. IEEE Trans Inf Forensic Secur, 2015, 10: 1717-1726 CrossRef Google Scholar

[21] Jiang T, Chen X, Ma J. Public Integrity Auditing for Shared Dynamic Cloud Data with Group User Revocation. IEEE Trans Comput, 2016, 65: 2363-2373 CrossRef Google Scholar

[22] Liu X M, Zhang T, Ma J F, et al. Efficient data integrity verification using attribute based multi-signature scheme in wireless network. In: Proceedings of the 5th International Conference on Intelligent Networking and Collaborative Systems, Xi'an, 2013. 173--180. Google Scholar

[23] Liu X M, Ma J F, Xiong J B, et al. Personal health records integrity verification using attribute based proxy signature in cloud computing. In: Proceedings of International Conference on Internet and Distributed Computing Systems, Hangzhou, 2013. 238--251. Google Scholar

[24] Wang Y, Wu Q, Qin B. Identity-Based Data Outsourcing With Comprehensive Auditing in Clouds. IEEE TransInformForensic Secur, 2017, 12: 940-952 CrossRef Google Scholar

[25] Wang H, He D, Tang S. Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in Public Cloud. IEEE Trans Inf Forensic Secur, 2016, 11: 1165-1176 CrossRef Google Scholar

[26] Zhang Y, Xu C, Yu S. SCLPV: Secure Certificateless Public Verification for Cloud-Based Cyber-Physical-Social Systems Against Malicious Auditors. IEEE Trans Comput Soc Syst, 2015, 2: 159-170 CrossRef Google Scholar

[27] Sookhak M, Gani A, Talebian H, et al. Remote data auditing in cloud computing environments: a survey, taxonomy, and open issues. ACM Comput Surv (CSUR), 2015, 47: 65. Google Scholar

[28] Nakamoto S. Bitcoin: a peer-to-peer electronic cash system. 2008. http://www.bitcoin.org. Google Scholar

[29] Wood G. Ethereum: a Secure Decentralised Generalised Transaction Ledger. Ethereum Project Yellow Paper, 2014. Google Scholar

[30] Pilkington M. Blockchain technology: principles and applications. In: Research Handbook on Digital Transformations. Cheltenham: Edward Elgar Publishing, 2016. 225--253. Google Scholar

[31] Buterin V. On public and private blockchains. 2015. https://blog.ethereum.org/2015/08/07/on-public-and-private-blockchains/. Google Scholar

[32] Yu Y, Au M H, Ateniese G. Identity-Based Remote Data Integrity Checking With Perfect Data Privacy Preserving for Cloud Storage. IEEE TransInformForensic Secur, 2017, 12: 767-778 CrossRef Google Scholar

[33] Li Y N, Yu Y, Min G Y, et al. Fuzzy identity-based data integrity auditing for reliable cloud storage systems. IEEE T Depend Secure, 2017. Google Scholar

  • Figure 1

    (Color online) System model.

  • Figure 2

    (Color online) Simplified blockchain.

  • Figure 3

    (Color online) Procedure for the setup phase.

  • Figure 4

    (Color online) Procedure for the audit phase.

  • Figure 5

    (Color online) Public blockchain.

  • Figure 6

    (Color online) (a) Computation time on the user side versus the number of data blocks; (b) computation time on the TPA side versus the number of data blocks.

  • Table 1   Log file
    t Nonce D $(S,T,\mu,y)$ Auditing results
    $t_{1}$ ${\rm~nonce}_{1}$ $D_{1}$ $(S_{1},T_{1},\mu_{1},y_{1})$ 1/0
    $t_{2}$ ${\rm~nonce}_{2}$ $D_{2}$ $(S_{2},T_{2},\mu_{2},y_{2})$ 1/0
    $\vdots$
  • Table 2   Notations for operations/implications
    Symbol Corresponding operation/implication
    $M$ The point multiplication operation in $G_{1}$
    $E$ The exponentiation operation in $G_{2}$
    $P$ The pairing operation
    $|x|$ The number of bits of $x$
  • Table 3   Comparison of costs
    Scheme User's computational cost TPA's computational cost TPA's communication cost
    IBRDIC [32] $(n~+~2)E$ $(n~+~3)E$ + $(n~+~1)P$ $|~m~|$ + $2|~G_{1}~|$
    FIBDIA [33] $nM~+~4nE$ $(4n~+~1)E$ + $(n~+~2)P$ $|~m~|$ + $3|~G~|$
    Ours $(n~+~4)M~+~3P$ $(n~+~1)M~+~3P$ $|~Z_{q}~|$ + 3$|~G_{1}~|$
  • Table 4   Comparison of security properties
    Security IBRDIC[32] FIBDIA[33] Ours
    Resistance against replacement attacks Y Y Y
    Resistance against forgery attacks Y N Y
    Resistance against malicious auditors N N Y