Data Integrity Auditing without Private Key Storage for Secure Cloud Storage

Shen, Wenting; Qin, Jing; Yu, Jia; Hao, Rong; Hu, Jiankun; Ma, Jixin

doi:10.1109/tcc.2019.2921553

Cited by 59 publications

(44 citation statements)

References 41 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Apart from the aforementioned protocols, some other publicly verifiable protocols are published. Hao et al [41] gave a public verification without including a TPA, and Shen et al [42] solved the loss of private key for auditing issue. Wu et al [43] introduced a time encapsulated POR protocol that could check the integrity of data and timestamp by verifier.…”

Section: Related Workmentioning

confidence: 99%

Public Integrity Auditing of Shared Encrypted Data within Cloud Storage Group

Wang

2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

The pandemic of COVID-19 has posed a severe challenge to the traditional on-site centralized development projects; people therefore have to share data in a group by the cloud storage server and develop projects at home. The cloud server is untrustworthy, although it supplies the powerful computing capability and abundant storage space; so far wide research has been proposed to verify data integrity. Therefore, how to leverage the cloud server and ensure the integrity of the data (especially the encrypted data) stored on the remote cloud devices remains an issue for the clients. To address this issue, we utilize the technique of homomorphic hash function to implement reencryption ciphertext blocks and introduce a certificateless signature scheme for the integrity verification of encrypted data shared within a group. A detailed challenge-and-response game represents that the proposed scheme can preserve encrypted data blocks integrity against the internal/external attacker and malicious cloud service servers. We give the theoretical and experimental performance analysis of the scheme and exhibit that the scheme is efficient and practical.

show abstract

Section: Related Workmentioning

confidence: 99%

Public Integrity Auditing of Shared Encrypted Data within Cloud Storage Group

Wang

2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…As future research, this scheme can be modified using IO to reduce verification cost. Shen et al [104] explored how to employ fuzzy private key for integrity auditing without storing private key. We can improve Zhang et al [47] scheme by this fuzzy approach where cloud user has to share the MAC key with TPA through secure channel.…”

Section: New Challenges and Recommendationsmentioning

confidence: 99%

Towards Lightweight Provable Data Possession for Cloud Storage Using Indistinguishability Obfuscation

Chaudhari

Swain

2022

IEEE Access

View full text Add to dashboard Cite

Cloud Computing has proved to be a boon for many individuals and organizations who cannot afford infrastructure and maintenance cost of resources. But the untrusted nature of Cloud Server (CS) brings many challenges related to security and trust. Public auditing is one process that enables users to delegate the integrity verification of outsourced data to external party such as Third-Party Auditor (TPA). Provable Data Possession (PDP) is one approach of auditing that can verify the integrity using cryptographic algorithms. Many PDP schemes are based on bilinear pairing and homomorphic authenticators that involves complex computations that leads to increased verification time. The lightweight auditing processes is a need today using modern cryptographic techniques. Indistinguishability Obfuscation (IO) is one of the modern but weaker primitive that, if used with one-way functions, provide multiple cryptographic constructs. Sahai and Waters proposed construction of cryptographic constructs using IO. Zhang et al. proposed lightweight public auditing scheme using these IO. But still there are many goals to achieve such as group support, collusion handling, privacy-preserving etc. using IO. In this paper, we are trying to explore these issues and lists future research directions in this field. INDEX TERMSPublic Auditing, Provable Data Possession, Homomorphic verifiable Tags, Indistinguishability Obfuscation. I. INTRODUCTION Evolution in the field of computer technology and Internetbased services open up the era of Cloud Computing. Highspeed processors with improved service computing architecture led to the development of large data centers.Flexible and increased network bandwidth enables a client to access or subscribe to data and services from remote data centers. This improved computing architecture helps many organizations or individuals to expand their businesses without any investment in infrastructure and maintenance costs. This paradigm mainly provides services in computing and storage. Multiple computing resources are easily assigned and released to cloud users based on their needs. Cloud datastore is one of the widely used services among cloud users. Cloud users can easily store and share information on cloud storage. Although it provides a promising platform, this paradigm has brought many security and performance issues with it. The main concern is that of integrity verification of outsourced data at remote

show abstract

“…For this reason, Zhang et al [26] proposed an identity-based audit scheme by introducing a hierarchical private key generator suitable for large-scale user groups, which improved the audit efficiency of large-scale users. Shen et al [27] proposed a data integrity audit scheme without storing private keys in which biometric data (such as iris scan and fingerprint) were used as the fuzzy private key of the user to avoid using hardware token, which improved the security and efficiency of audit. However, these schemes did not support the protection of sensitive information of user data and dynamic update.…”

Section: Related Workmentioning

confidence: 99%

Ldasip: A Lightweight Dynamic Audit Approach for Sensitive Information Protection in Cloud Storage

Lin

Tan

Chu

2022

Security and Communication Networks

View full text Add to dashboard Cite

How to audit the integrity of data stored on the cloud with incomplete trust is an important problem that restricts the development of cloud storage. Although there are several data integrity audit schemes in cloud storage, the increased need to protect sensitive information and support large-scale data storage and dynamic update will result in a significant increase in audit cost, which seriously affects the efficiency of existing cloud audit systems. To solve this problem, we propose Ldasip, a lightweight dynamic auditing method that supports sensitive information protection in cloud storage. Exploiting identity-based data integrity audit, a data masking technology is introduced into to protect user’s sensitive information. At the same time, an improved multibranch tree structure is proposed to realize dynamic audit and reduce communication overhead in the verification process. Theoretical analysis and comprehensive experiments have been conducted, which demonstrate the effectiveness of Ldasip. The results show that Ldasip can ensure the correctness of the audit, protect the sensitive information in the user's stored content, and support the dynamic update of data with less audit time and communication overhead.

show abstract

Data Integrity Auditing without Private Key Storage for Secure Cloud Storage

Cited by 59 publications

References 41 publications

Public Integrity Auditing of Shared Encrypted Data within Cloud Storage Group

Public Integrity Auditing of Shared Encrypted Data within Cloud Storage Group

Towards Lightweight Provable Data Possession for Cloud Storage Using Indistinguishability Obfuscation

Ldasip: A Lightweight Dynamic Audit Approach for Sensitive Information Protection in Cloud Storage

Contact Info

Product

Resources

About