Abstract
Data integrity is extremely important for cloud based storage services, where cloud users no longer have physical possession of their outsourced files. A number of data auditing mechanisms have been proposed to solve this problem. However, how to update a cloud user’s private auditing key (as well as the authenticators those keys are associated with) without the user’s re-possession of the data remains an open problem. In this paper, we propose a key-updating and authenticator-evolving mechanism with zero-knowledge privacy of the stored files for secure cloud data auditing, which incorporates zero knowledge proof systems, proxy re-signatures and homomorphic linear authenticators. We instantiate our proposal with the state-of-the-art Shacham-Waters auditing scheme. When the cloud user needs to update his key, instead of downloading the entire file and re-generating all the authenticators, the user can just download and update the authenticators. This approach dramatically reduces the communication and computation cost while maintaining the desirable security. We formalize the security model of zero knowledge data privacy for auditing schemes in the key-updating context and prove the soundness and zero-knowledge privacy of the proposed construction. Finally, we analyze the complexity of communication, computation and storage costs of the improved protocol which demonstrates the practicality of the proposal.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
This is to offset the winning probability based on random guessing.
- 2.
This is reasonable since the data owner tells TPA which file will be audited in auditing request phase.
References
Mell, P., Grance, T.: Draft NIST working definition of cloud computing, 3 June 2009. http://csrc.nist.gov/groups/SNC/cloud-computing/index.html
Xie, M., Wang, H., Yin, J., Meng, X.: Integrity auditing of outsourced data. In: Proceedings of the 33rd International Conference on Very Large Databases (VLDB 2007), pp. 782–793 (2007)
Buyya, R., Yeo, C.S., Venugopal, S., Broberg, J., Brandic, I.: Cloud computing and emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility. Future Generat. Comput. Syst. 25(6), 599–616 (2009)
Cloud Security Alliance. Top threats to cloud computing (2010)
Yang, K., Jia, X.H.: Data storage auditing service in cloud computing: challenges, methods and opportunities. World Wide Web 15(4), 409–428 (2012)
Common Sense Alliance (2010). http://www.cert.uy/wps/wcm/connect/975494804fdf89eaabbdab1805790cc9/Cloud_Computing_Vulnerability_Incidents.pdf/?MOD=AJPERES
Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.X.: Provable data possession at untrusted stores. In: Proceedings of ACM Conference on Computer, Communications Security 2007, pp. 598–609 (2011)
Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z.N.J., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14, 1–34 (2011)
Ateniese, G., Kamara, S., Katz, J.: Proofs of storage from homomorphic identification protocols. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 319–333. Springer, Heidelberg (2009)
Juels, A., Pors, Jr., B.S.K.: Proofs of retrievability for large files. In: Proceedings of CCS 2007, Alexandria, VA, USA, pp. 584–597. ACM, November 2007
Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. J. Cryptol. 17, 297–319 (2004)
Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009)
Cui, H., Mu, Y., Au, M.H.: Proof of retrievability with public verifiability resilient against related-key attacks. IET Inf. Secur. 9(1), 43–49 (2015)
Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of IEEE INFOCOM 2010, San Diego, CA, pp. 525–533 (2010)
Wang, C., Chow, S.S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62, 362–375 (2013)
Lier, S., Wörsdörfer, D., Gesing, J.: Business models and product service systems for transformable, modular plants in the chemical process industry. In: Meier, H. (ed.) Product-Service Integration for Sustainable Solutions. LNPE, vol. 6, pp. 227–238. Springer, Heidelberg (2013)
Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)
Wang, H.: Proxy provable data possession in public clouds? IEEE Trans. Serv. Comput. 6(4), 551–559 (2013)
Barsoum, A.F., Hasan, M.A.: Provable multicopy dynamic data possession in cloud computing systems. IEEE Trans. Inf. Forensics Secur. 10(3), 485–497 (2015)
Shi, E., Stefanov, E., Papamanthou, C.: Practical dynamic proofs of retrievability. In: ACM CCS, pp. 325–336 (2013)
Yuan, J., Yu, S.: Public integrity auditing for dynamic data sharing with multi-user modification. IEEE Trans. Inf. Forensics Secur. 10(8), 1717–1726 (2015)
Wang, B.Y., Li, B.C., Li, H.: Public auditing for shared data with efficient user revocation in the cloud. In: INFOCOM, pp. 2904–2912 (2013)
Yuan, J.W., Yu, S.C.: Efficient public integrity checking for cloud data sharing with multi-user modification. In: IEEE INFOCOM, pp. 2121–2129 (2014)
Wang, B.Y., Li, B.H., Li, H.: Panda: public auditing for shared data with efficient user revocation in the cloud. IEEE Trans. Serv. Comput. 8(1), 92–106 (2015)
Wang, B.Y., Li, B.C., Li, H.: Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans. Cloud Comput. 2(1), 43–56 (2014)
Wang, B., Li, B., Li, H.: Knox: privacy-preserving auditing for shared data with large groups in the cloud. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 507–525. Springer, Heidelberg (2012)
Xu, C., He, X., Abraha-Weldemariam, D.: Cryptanalysis of Wang’s auditing protocol for data storage security in cloud computing. In: Liu, C., Wang, L., Yang, A. (eds.) ICICA 2012, Part II. CCIS, vol. 308, pp. 422–428. Springer, Heidelberg (2012)
Yu, Y., Au, M.H., Mu, Y., Tang, S., Ren, J., Susilo, W., Dong, L.: Enhanced privacy of a remote data integrity checking protocol for secure cloud storage. Int. J. Inf. Secur. 14(4), 307–318 (2015)
Goldwasser, S., Micali, S., Racko, C.: The knowledge complexity of interactive proof systems. SIAM J. Comput. 18(1), 186–208 (1989)
Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161–174 (1991)
Ateniese, G., Hohenberger, S.: Proxy re-signatures: new definitions, algorithms, and applications. In: Proceedings of ACM Conference on Computer and Communications Security, pp. 310–319 (2005)
Camenisch, J.L., Stadler, M.A.: Efficient group signature schemes for large groups. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 410–424. Springer, Heidelberg (1997)
Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006)
Acknowledgements
This work is supported by the Fundamental Research Funds for the Central Universities under Grant ZYGX2015J059.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Yu, Y., Li, Y., Au, M.H., Susilo, W., Choo, KK.R., Zhang, X. (2016). Public Cloud Data Auditing with Practical Key Update and Zero Knowledge Privacy. In: Liu, J., Steinfeld, R. (eds) Information Security and Privacy. ACISP 2016. Lecture Notes in Computer Science(), vol 9722. Springer, Cham. https://doi.org/10.1007/978-3-319-40253-6_24
Download citation
DOI: https://doi.org/10.1007/978-3-319-40253-6_24
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-40252-9
Online ISBN: 978-3-319-40253-6
eBook Packages: Computer ScienceComputer Science (R0)