An identity-based online/offline secure cloud storage auditing scheme

Abstract

Cloud storage has significantly reduced data management costs for data owners. However, the loss of physical control over data after outsourcing raises security concerns such as data integrity. Provable Data Possession (PDP) protocols enable data owners to audit the integrity of their outsourced data without retrieving the file from the cloud server. However, most existing PDP schemes require resource-constrained users to perform costly operations to generate metadata on file blocks. In the recently introduced online/offline PDP mechanisms, the user’s computation is divided into online and offline phases, and the costly operations can be carried out in the offline phase. Users only need to perform lightweight operations in the real-time online phase. In this paper, we propose an identity-based (ID-based) online/offline PDP protocol that not only has lightweight computations on the user side, but also removes the complex certificate management/verification costs caused by expensive Public Key Infrastructure. The proposed scheme is based on an ID-based online/offline signature designed in this paper. The protocol is proven secure against a malicious cloud server in the random oracle model. We also prove the privacy-preserving property of the protocol, in the sense that it leaks no information about the outsourced data to the public verifier during protocol execution. Moreover, our mechanism efficiently supports batch verification of multiple auditing tasks and fully dynamic data operations. Experimental results demonstrate the good efficiency of our scheme in comparison to recent proposals.

Funding

This work was partially supported by Iran NSF under Grant No. 96.53979.

Author information

Corresponding author

Correspondence to Reyhaneh Rabaninejad.

About this article

Cite this article

Rabaninejad, R., Rajabzadeh Asaar, M., Ahmadian Attari, M. et al. An identity-based online/offline secure cloud storage auditing scheme. Cluster Comput 23, 1455–1468 (2020). https://doi.org/10.1007/s10586-019-03000-5

Keywords

  • Cloud storage
  • Data outsourcing
  • Public auditing
  • Online/offline provable data possession
  • Privacy-preserving
  • Identity-based cryptography