Advertisement

Identity-Based Proofs of Storage with Enhanced Privacy

  • Miaomiao Tian
  • Shibei Ye
  • Hong Zhong
  • Lingyan Wang
  • Fei Chen
  • Jie Cui
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11337)

Abstract

Proofs of storage (PoS) refer to an effective solution for checking the integrity of large files stored in clouds, such as provable data possession and proofs of retrievability. Traditional PoS schemes are mostly designed in the public key infrastructure setting, thus they will inevitably suffer from the complex certificate management problem when deployed. Identity-based PoS (IBPoS) is a lightweight variant of traditional PoS that eliminates the certificate management problem via identity-based cryptographic technology. Although there are several IBPoS schemes in the literature, all of them cannot simultaneously protect both identity privacy and data privacy against a third-party verifier that is pervasive in IBPoS systems. To fill this gap, in this paper we propose a new IBPoS scheme, from which a verifier is able to confirm the integrity of the files stored in clouds but cannot get the files or the identity information of their owners. We prove our scheme is secure in the random oracle model under a standard assumption. Finally, we also conduct a series of experiments to evaluate its performance.

Keywords

Proof of storage Identity-based cryptography Identity privacy Data privacy 

Notes

Acknowledgements

We thank the anonymous reviewers for helpful comments. This work is supported by the National Natural Science Foundation of China under Grants 61502443, 61572001 and 61502314, and by the Open Fund for Discipline Construction, Institute of Physical Science and Information Technology, Anhui University.

References

  1. 1.
    Ateniese, G., et al.: Provable data possession at untrusted stores. In: ACM Conference on Computer and Communications Security, pp. 598–609. ACM (2007)Google Scholar
  2. 2.
    Ateniese, G., Di Pietro, R., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: International Conference on Security and Privacy in Communication Networks, p. 9. ACM (2008)Google Scholar
  3. 3.
    Ateniese, G., Kamara, S., Katz, J.: Proofs of storage from homomorphic identification protocols. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 319–333. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-10366-7_19CrossRefGoogle Scholar
  4. 4.
  5. 5.
    Bao, F., Deng, R.H., Zhu, H.F.: Variations of diffie-hellman problem. In: Qing, S., Gollmann, D., Zhou, J. (eds.) ICICS 2003. LNCS, vol. 2836, pp. 301–312. Springer, Heidelberg (2003).  https://doi.org/10.1007/978-3-540-39927-8_28CrossRefGoogle Scholar
  6. 6.
    Bellare, M., Neven, G.: Multi-signatures in the plain public-key model and a general forking lemma. In: ACM Conference on Computer and Communications Security, pp. 390–399. ACM (2006)Google Scholar
  7. 7.
    Bender, A., Katz, J., Morselli, R.: Ring signatures: stronger definitions, and constructions without random oracles. J. Cryptol. 22(1), 114–138 (2009)MathSciNetzbMATHCrossRefGoogle Scholar
  8. 8.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003).  https://doi.org/10.1007/3-540-39200-9_26CrossRefGoogle Scholar
  9. 9.
    Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. J. Cryptol. 17(4), 297–319 (2004)MathSciNetzbMATHCrossRefGoogle Scholar
  10. 10.
    Chen, F., Xiang, T., Yang, Y., Chow, S.S.M.: Secure cloud storage meets with secure network coding. IEEE Trans. Comput. 65(6), 1936–1948 (2016)MathSciNetzbMATHCrossRefGoogle Scholar
  11. 11.
    Chow, S.S.M., Yiu, S.-M., Hui, L.C.K.: Efficient identity based ring signature. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) ACNS 2005. LNCS, vol. 3531, pp. 499–512. Springer, Heidelberg (2005).  https://doi.org/10.1007/11496137_34CrossRefGoogle Scholar
  12. 12.
    Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    Dodis, Y., Vadhan, S., Wichs, D.: Proofs of retrievability via hardness amplification. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 109–127. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-00457-5_8zbMATHCrossRefGoogle Scholar
  14. 14.
    Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: ACM Conference on Computer and Communications Security, pp. 213–222. ACM (2009)Google Scholar
  15. 15.
    Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. ACM Trans. Inf. Syst. Secur. 17(4), 15 (2015)CrossRefGoogle Scholar
  16. 16.
    Guan, C., Ren, K., Zhang, F., Kerschbaum, F., Yu, J.: Symmetric-key based proofs of retrievability supporting public verification. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9326, pp. 203–223. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-24174-6_11CrossRefGoogle Scholar
  17. 17.
    Juels, A., Kaliski, Jr., B.S.: PORs: proofs of retrievability for large files. In: ACM Conference on Computer and Communications Security, pp. 584–597. ACM (2007)Google Scholar
  18. 18.
    Liu, H., et al.: Identity-based provable data possession revisited: security analysis and generic construction. Comput. Stand. Interfaces 54, 10–19 (2017)CrossRefGoogle Scholar
  19. 19.
    Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetzbMATHCrossRefGoogle Scholar
  20. 20.
    Schnorr, C.-P.: Efficient signature generation by smart cards. J. Cryptol. 4(3), 161–174 (1991)zbMATHCrossRefGoogle Scholar
  21. 21.
    Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-89255-7_7CrossRefGoogle Scholar
  22. 22.
    Shacham, H., Waters, B.: Compact proofs of retrievability. J. Cryptol. 26(3), 442–483 (2013)MathSciNetzbMATHCrossRefGoogle Scholar
  23. 23.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985).  https://doi.org/10.1007/3-540-39568-7_5CrossRefGoogle Scholar
  24. 24.
    Wang, B., Li, B., Li, H.: Oruta: privacy-preserving public auditing for shared data in the cloud. In: IEEE International Conference on Cloud Computing, pp. 295–302. IEEE (2012)Google Scholar
  25. 25.
    Wang, B., Li, B., Li, H.: Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans. Cloud Comput. 2(1), 43–56 (2014)MathSciNetCrossRefGoogle Scholar
  26. 26.
    Wang, C., Chow, S.S.M., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)MathSciNetzbMATHCrossRefGoogle Scholar
  27. 27.
    Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: IEEE International Conference on Computer Communications, pp. 1–9. IEEE (2010)Google Scholar
  28. 28.
    Wang, H.: Identity-based distributed provable data possession in multicloud storage. IEEE Trans. Serv. Comput. 8(2), 328–340 (2015)CrossRefGoogle Scholar
  29. 29.
    Wang, H., He, D., Yu, J., Wang, Z.: Incentive and unconditionally anonymous identity-based public provable data possession. IEEE Trans. Serv. Comput.  https://doi.org/10.1109/TSC.2016.2633260
  30. 30.
    Wang, H., Qianhong, W., Qin, B., Domingo-Ferrer, J.: Identity-based remote data possession checking in public clouds. IET Inf. Secur. 8(2), 114–121 (2014)CrossRefGoogle Scholar
  31. 31.
    Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-04444-1_22CrossRefGoogle Scholar
  32. 32.
    Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)CrossRefGoogle Scholar
  33. 33.
    Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)CrossRefGoogle Scholar
  34. 34.
    Yu, Y., et al.: Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans. Inf. Forensics Secur. 12(4), 767–778 (2017)CrossRefGoogle Scholar
  35. 35.
    Yu, Y., et al.: Cloud data integrity checking with an identity-based auditing mechanism from RSA. Future Gen. Comput. Syst. 62, 85–91 (2016)CrossRefGoogle Scholar
  36. 36.
    Yu, Y., Zhang, Y., Mu, Y., Susilo, W., Liu, H.: Provably secure identity based provable data possession. In: Au, M.-H., Miyaji, A. (eds.) ProvSec 2015. LNCS, vol. 9451, pp. 310–325. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-26059-4_17zbMATHCrossRefGoogle Scholar
  37. 37.
    Zhang, J., Yang, Y., Chen, Y., Chen, F.: A secure cloud storage system based on discrete logarithm problem. In: IEEE/ACM International Symposium on Quality of Service, pp. 1–10. IEEE (2017)Google Scholar
  38. 38.
    Zhu, Y., Hu, H., Ahn, G.J., Yu, M.: Cooperative provable data possession for integrity verification in multicloud storage. IEEE Trans. Parallel Distrib. Syst. 23(12), 2231–2244 (2012)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Miaomiao Tian
    • 1
    • 2
    • 3
  • Shibei Ye
    • 1
    • 3
  • Hong Zhong
    • 1
    • 2
    • 3
  • Lingyan Wang
    • 1
    • 3
  • Fei Chen
    • 4
  • Jie Cui
    • 1
    • 2
    • 3
  1. 1.School of Computer Science and TechnologyAnhui UniversityHefeiChina
  2. 2.Institute of Physical Science and Information TechnologyAnhui UniversityHefeiChina
  3. 3.Anhui Engineering Laboratory of IoT SecurityAnhui UniversityHefeiChina
  4. 4.College of Computer Science and EngineeringShenzhen UniversityShenzhenChina

Personalised recommendations