Advertisement

Lightweight Delegatable Proofs of Storage

  • Jia XuEmail author
  • Anjia YangEmail author
  • Jianying Zhou
  • Duncan S. Wong
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9878)

Abstract

Proofs of Storage (including Proofs of Retrievability and Provable Data Possession) is a cryptographic tool, which enables data owner or third party auditor to audit integrity of data stored remotely in a cloud storage server, without keeping a local copy of data or downloading data back during auditing. We observe that all existing publicly verifiable POS schemes suffer from a serious drawback: It is extremely slow to compute authentication tags for all data blocks, due to many expensive group exponentiation operations. Surprisingly, it is even much slower than typical network uploading speed, and becomes the bottleneck of the setup phase of the POS scheme. We propose a new variant formulation called “Delegatable Proofs of Storage”. In this new relaxed formulation, we are able to construct a POS scheme, which on one side is as efficient as privately verifiable POS schemes, and on the other side can support third party auditor and can efficiently switch auditors at any time, close to the functionalities of publicly verifiable POS schemes. Compared to traditional publicly verifiable POS schemes, we speed up the tag generation process by at least several hundred times, without sacrificing efficiency in any other aspect. Like many existing schemes, we can also speed up our tag generation process by approximately N times using N CPU cores in parallel, before I/O cost becomes the bottleneck. We prove that our scheme is sound under Bilinear Strong Diffie-Hellman Assumption in standard model.

Keywords

Proof of Storage Proof of Retrievability Third party verifier Lightweight homomorphic authentication tag Applied cryptography 

References

  1. 1.
    Apon, D., Huang, Y., Katz, J., Malozemoff, A.J.: Implementing cryptographic program obfuscation. Cryptology ePrint Archive, Report 2014/779 (2014). http://eprint.iacr.org/
  2. 2.
    Armknecht, F., Bohli, J.M., Karame, G.O., Liu, Z., Reuter, C.A.: Outsourced proofs of retrievability. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS 2014, pp. 831–843 (2014)Google Scholar
  3. 3.
    Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., Song, D.: Remote data checking using provable data possession. ACM Tran. Inf. Sys. Sec. TISSEC 2011 14(1), 12:1–12:34 (2011)Google Scholar
  4. 4.
    Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: ACM CCS 2007, pp. 598–609. ACM (2007)Google Scholar
  5. 5.
    Ateniese, G., Kamara, S., Katz, J.: Proofs of storage from homomorphic identification protocols. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 319–333. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  6. 6.
    Ateniese, G., Pietro, R.D., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: SecureComm 2008, pp. 9:1–9:10. ACM (2008)Google Scholar
  7. 7.
    Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. J. Cryptology 17(4), 297–319 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
    Bowers, K.D., Juels, A., Oprea, A.: HAIL: A high-availability and integrity layer for cloud storage. In: ACM CCS 2009, pp. 187–198. ACM (2009)Google Scholar
  9. 9.
    Bowers, K.D., Juels, A., Oprea, A.: Proofs of retrievability: theory and implementation. In: CCSW 2009, pp. 43–54. ACM (2009)Google Scholar
  10. 10.
    Cash, D., Küpçü, A., Wichs, D.: Dynamic proofs of retrievability via oblivious RAM. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 279–295. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  11. 11.
    Chang, E.-C., Xu, J.: Remote integrity check with dishonest storage server. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 223–237. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  12. 12.
    Chen, X., Li, J., Ma, J., Tang, Q., Lou, W.: New algorithms for secure outsourcing of modular exponentiations. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 541–556. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  13. 13.
    Curtmola, R., Khan, O., Burns, R., Ateniese, G.: MR-PDP: multiple-replica provable data possession. In: ICDCS 2008, pp. 411–420. IEEE (2008)Google Scholar
  14. 14.
    Deswarte, Y., Quisquater, J.J., Saïdane, A.: Remote integrity checking: how to trust files stored on untrusted servers. In: Jajodia, S., Strous, L. (eds.) IICIS 2003. IFIP, vol. 140, pp. 1–11. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  15. 15.
    Dodis, Y., Vadhan, S., Wichs, D.: Proofs of retrievability via hardness amplification. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 109–127. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  16. 16.
    Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: ACM CCS 2009, pp. 213–222. ACM (2009)Google Scholar
  17. 17.
    Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: Proceedings of the 2013 IEEE 54th Annual Symposium on Foundations of Computer Science, FOCS 2013, pp. 40–49 (2013)Google Scholar
  18. 18.
    Goldreich, O.: A sample of samplers: a computational perspective on sampling. In: Goldreich, O. (ed.) Studies in Complexity and Cryptography. LNCS, vol. 6650, pp. 302–332. Springer, Heidelberg (2011)Google Scholar
  19. 19.
    Guan, C., Ren, K., Zhang, F., Kerschbaum, F., Yu, J.: A symmetric-key based proofs of retrievability supporting public verification. In: Proceedings of 20th European Symposium on Research in Computer Security, ESORICS 2015, pp. 203–223 (2015). www.fkerschbaum.org/esorics15b.pdf Google Scholar
  20. 20.
    Hao, Z., Zhong, S., Yu, N.: A privacy-preserving remote data integrity checking protocol with data dynamics and public verifiability. In:TKDE 2011, vol. 23(9), pp. 1432–1437 (2011)Google Scholar
  21. 21.
    Hohenberger, S., Lysyanskaya, A.: How to securely outsource cryptographic computations. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 264–282. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  22. 22.
    Juels, A., Kaliski, B.S.,J.: PORs: Proofs of retrievability for large files. In: ACM CCS 2007, pp. 584–597. ACM (2007)Google Scholar
  23. 23.
    Kate, A., Zaverucha, G.M., Goldberg, I.: Constant-size commitments to polynomials and their applications. In: ASIACRYPT 2010, pp. 177–194 (2010)Google Scholar
  24. 24.
    Naor, M., Rothblum, G.N.: The complexity of online memory checking. J. ACM, 56(1) (2009)Google Scholar
  25. 25.
    Ren, Y., Shen, J., Wang, J., Fang, L.: Outsourced data tagging via authority and delegable auditing for cloud storage. In: 49th Annual IEEE International Carnahan Conference on Security Technology, ICCST 2015, pp. 131–134. IEEE (2015)Google Scholar
  26. 26.
    Ren, Y., Shen, J., Wang, J., Han, J., Lee, S.: Mutual verifiable provable data auditing in public cloud storage. J. Internet Technol. 16(2), 317–324 (2015)Google Scholar
  27. 27.
    Ren, Y., Xu, J., Wang, J., Kim, J.U.: Designated-verifier provable data possession in public cloud storage. Int. J. Secur. Appl. 7(6), 11–20 (2013)Google Scholar
  28. 28.
    Schwarz, T.J.E., Miller, E.L.: Store, forget, and check: using algebraic signatures to check remotely administered storage. In: ICDCS 2006. IEEE (2006)Google Scholar
  29. 29.
    Sebé, F., Domingo-Ferrer, J., Martínez-Ballesté, A., Deswarte, Y., Quisquater, J.J.: Efficient remote data possession checking in critical information infrastructures. In: TKDE 2008, vol. 20, no. 8, pp. 1034–1038 (2008)Google Scholar
  30. 30.
    Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  31. 31.
    Shacham, H., Waters, B.: Compact proofs of retrievability. J. Cryptology 26(3), 442–483 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  32. 32.
    Shah, M.A., Baker, M., Mogul, J.C., Swaminathan, R.: Auditing to keep online storage services honest. In: HotOS 2007. USENIX Association (2007)Google Scholar
  33. 33.
    Shah, M.A., Swaminathan, R., Baker, M.: Privacy-preserving audit and extraction of digital contents. Cryptology ePrint Archive, Report 2008/186 (2008). http://eprint.iacr.org/2008/186
  34. 34.
    Shen, S.-T., Tzeng, W.-G.: Delegable provable data possession for remote data in the clouds. In: Qing, S., Susilo, W., Wang, G., Liu, D. (eds.) ICICS 2011. LNCS, vol. 7043, pp. 93–111. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  35. 35.
    Shi, E., Stefanov, E., Papamanthou, C.: Practical dynamic proofs of retrievability. In: ACM CCS 2013, pp. 325–336. ACM (2013)Google Scholar
  36. 36.
    Wang, B., Li, B., Li, H.: Oruta: Privacy-preserving public auditing for shared data in the cloud. In: IEEE Cloud 2012, pp. 295–302. IEEE (2012)Google Scholar
  37. 37.
    Wang, B., Li, B., Li, H.: Public auditing for shared data with efficient user revocation in the cloud. In: INFOCOM 2013, pp. 2904–2912. IEEE (2013)Google Scholar
  38. 38.
    Wang, C., Chow, S.S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)MathSciNetCrossRefGoogle Scholar
  39. 39.
    Wang, C., Ren, K., Lou, W., Li, J.: Toward publicly auditable secure cloud data storage services. IEEE Network Mag. 24(4), 19–24 (2010)CrossRefGoogle Scholar
  40. 40.
    Wang, C., Wang, Q., Ren, K., Cao, N., Lou, W.: Towards secure and dependable storate services in cloud computing. IEEE Trans. Serv. Comput. 5(2), 220–232 (2012)CrossRefGoogle Scholar
  41. 41.
    Wang, C., Wang, Q., Ren, K., Lou, W.: Ensuring data storage security in cloud computing. In: Proceedings of IWQoS 2009, pp. 1–9. IEEE (2009)Google Scholar
  42. 42.
    Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for data storage security in cloud computing. In: INFOCOM 2010, pp. 525–533. IEEE (2010)Google Scholar
  43. 43.
    Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  44. 44.
    Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. TPDS 22(5), 847–859 (2011)Google Scholar
  45. 45.
    Xu, J., Chang, E.C.: Towards efficient proofs of retrievability. In: ACM Symposium on Information, Computer and Communications Security, AsiaCCS 2012 (2012)Google Scholar
  46. 46.
    Xu, J., Yang, A., Zhou, J., Wong, D.S.: Lightweight and privacy-preserving delegatable proofs of storage. Cryptology ePrint Archive, Report 2014/395 (2014). http://eprint.iacr.org/2014/395
  47. 47.
    Xu, J., Zhou, J.: Leakage resilient proofs of ownership in cloud storage, revisited. In: Boureanu, I., Owesarski, P., Vaudenay, S. (eds.) ACNS 2014. LNCS, vol. 8479, pp. 97–115. Springer, Heidelberg (2014)Google Scholar
  48. 48.
    Yang, K., Jia, X.: Data storage auditing service in cloud computing: challenges, methods and opportunities. World Wide Web 15(4), 409–428 (2012)CrossRefGoogle Scholar
  49. 49.
    Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. TPDS 24(9), 1717–1726 (2013)Google Scholar
  50. 50.
    Yuan, J., Yu, S.: Proofs of retrievability with public verifiability and constant communication cost in cloud. In: Proceedings of the 2013 International Workshop on Security in Cloud Computing, Cloud Computing 2013, pp. 19–26. ACM (2013)Google Scholar
  51. 51.
    Zeng, K.: Publicly verifiable remote data integrity. In: Chen, L., Ryan, M.D., Wang, G. (eds.) ICICS 2008. LNCS, vol. 5308, pp. 419–434. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  52. 52.
    Zhu, Y., Hu, H., Ahn, G.J., Yu, M.: Cooperative provable data possession for integrity verification in multicloud storage. TPDS 23(12), 2231–2244 (2012)Google Scholar
  53. 53.
    Zhu, Y., Wang, H., Hu, Z., Ahn, G.J., Hu, H., Yau, S.S.: Dynamic audit services for integrity verification of outsourced storages in clouds. In: Proceedings of SAC 2011, pp. 1550–1557. ACM (2011)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  1. 1.Infocomm Security DepartmentInstitute for Infocomm ResearchSingaporeSingapore
  2. 2.City University of Hong KongHong KongChina
  3. 3.Hong Kong Applied Science and Technology Research InstituteHong KongChina

Personalised recommendations