Cloud storage has significantly reduced data management costs for data owners. However, the loss of physical control over the data after outsourcing raises security concerns such as data integrity. Provable Data Possession (PDP) protocols enable data owners to audit the integrity of their outsourced data without retrieving the file from the cloud server. However, most existing PDP schemes require resource-constrained users to perform costly operations to generate metadata on file blocks. In the recently introduced online/offline PDP mechanisms, the user’s computation is divided into online and offline phases, and the costly operations are carried out in the offline phase. Users only need to perform lightweight operations in the real-time online phase. In this paper, we propose an identity-based (ID-based) online/offline PDP protocol which not only has lightweight computations on the user side, but also removes the complex certificate management/verification costs caused by expensive Public Key Infrastructure. The proposed scheme is based on an ID-based online/offline signature designed in this paper. The protocol is proven to be secure against a malicious cloud server in the random oracle model. We also prove the privacy-preserving property of the protocol, in the sense that it leaks no information about the outsourced data to the public verifier during protocol execution. Moreover, our mechanism efficiently supports batch verification of multiple auditing tasks and fully dynamic data operations. Experimental results demonstrate the efficiency of our scheme in comparison with recent proposals.
This work was partially supported by Iran NSF under Grant No. 96.53979.
Rabaninejad, R., Rajabzadeh Asaar, M., Ahmadian Attari, M. et al. An identity-based online/offline secure cloud storage auditing scheme. Cluster Comput 23, 1455–1468 (2020). https://doi.org/10.1007/s10586-019-03000-5
- Cloud storage
- Data outsourcing
- Public auditing
- Online/offline provable data possession
- Identity-based cryptography