Remote data checking using provable data possession

Ateniese, Giuseppe; Burns, Randal; Curtmola, Reza; Herring, Joseph; Khan, Osama; Kissner, Lea; Peterson, Zachary; Song, Dawn

doi:10.1145/1952982.1952994

Cited by 327 publications

(249 citation statements)

References 40 publications

Supporting

Mentioning

249

Contrasting

Order By: Relevance

“…A publicly verifiable remote data integrity checking architecture [7,11,14] for security cloud storage is illustrated in Fig 1. Three different entities, namely, the cloud user, the cloud server and the third party auditor (TPA) are involved in the system. The cloud user has large amount of data to be stored on the cloud server without keeping a local copy, and the cloud server has significant storage space and computation resources and provides data storage services for cloud users.…”

Section: Remote Data Integrity Checking For Secure Cloud Storagementioning

confidence: 99%

“…Blum presented a scheme enabling data owners to verify the integrity of remote data without explicit knowledge of the entire data [5]. Provable data possession (PDP) [6,7], introduced by Ateniese et al, is a technique for validating data integrity over remote servers. In a typical PDP system, the data owner generates some metadata for a file, which will be used later for integrity checking via a challenge-response protocol with the remote server.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage

et al. 2014

Int. J. Inf. Secur.

View full text Add to dashboard Cite

Remote data integrity checking (RDIC) enables a server to prove to an auditor the integrity of a stored file. It is a useful technology for remote storage such as cloud storage. The auditor could be a party other than the data owner; hence, an RDIC proof is based usually on publicly available information. To capture the need of data privacy against an untrusted auditor, Hao et al. formally defined "privacy against third party verifiers" as one of the security requirements and proposed a protocol satisfying this definition. However, we observe that all existing protocols with public verifiability supporting data update, including Hao et al.'s proposal, require the data owner to publish some meta-data related to the stored data. We show that the auditor can tell whether or not a client has stored a specific file and link various parts of those files based solely on the published metadata in Hao et al.'s protocol. In other words, the notion "privacy against third party verifiers" is not sufficient in protecting data privacy, and hence, we introduce "zero-knowledge privacy" to ensure the third party verifier learns nothing about the client's data from all available information. We enhance the privacy of Hao et al.'s protocol, develop a prototype to evaluate the performance and perform experiment to demonstrate the practicality of our proposal. 2014 Springer-Verlag Berlin Heidelberg. Abstract Remote data integrity checking (RDIC) enables a server to prove to an auditor the integrity of a stored file. It is a useful technology for remote storage such as cloud storage. The auditor could be a party other than the data owner; hence an RDIC proof is based usually on publicly available information. To capture the need of data privacy against an untrusted auditor, Hao et al. formally defined "privacy against third party verifiers" as one of the security requirements and proposed a protocol satisfying this definition. However, we observe that all existing protocols with public verifiability supporting data update, including Hao et al.'s proposal, require the data owner to publish some metadata related to the stored data. We show that the audi- In other words, the notion "privacy against third party verifiers" is not sufficient in protecting data privacy and hence we introduce "zero-knowledge privacy" to ensure the third party verifier learns nothing about the client's data from all available information. We enhance the privacy of Hao et al.'s protocol, develop a prototype to evaluate the performance and perform experiment to demonstrate the practicality of our proposal.

show abstract

Section: Remote Data Integrity Checking For Secure Cloud Storagementioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage

et al. 2014

Int. J. Inf. Secur.

View full text Add to dashboard Cite

show abstract

“…Although spot-checking is suitable for detecting large corruptions, it is vulnerable to small corruptions against the entire data size. This problem has been resolved by introducing the notion of δ-robustness, which adopts forward error correction (FEC) codes such as the Reed-Solomon (RS) code [4]- [6] (δ-robustness will be defined in Sect. 2.1.…”

Section: Introductionmentioning

confidence: 99%

Optimal Spot-Checking Ratio for Probabilistic Attacks in Remote Data Checking

Park

Choi

Kwon

et al. 2017

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYRemote data checking (RDC) is a scheme that allows clients to efficiently check the integrity of data stored at an untrusted server using spot-checking. Efforts have been consistently devoted toward improving the efficiency of such RDC schemes because they involve some overhead. In this letter, it is assumed that a probabilistic attack model is adopted, in which an adversary corrupts exposed blocks in the network with a certain probability. An optimal spot-checking ratio that simultaneously guarantees the robustness of the scheme and minimizes the overhead is obtained.

show abstract

“…In comparison with traditional cryptographic techniques for data integrity, secure auditing is much more practical for verifying data storage correctness. In 2007, Ateniese et al proposed the notion of provable data possession (PDP) [7,8] to check the integrity of remote data. Ateniese et al [9] also demonstrated how to construct data auditing schemes from homomorphic identification protocols.…”

Section: Introductionmentioning

confidence: 99%

Public Cloud Data Auditing with Practical Key Update and Zero Knowledge Privacy

et al. 2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Data integrity is extremely important for cloud based storage services, where cloud users no longer have physical possession of their outsourced files. A number of data auditing mechanisms have been proposed to solve this problem. However, how to update a cloud user's private auditing key (as well as the authenticators those keys are associated with) without the user's re-possession of the data remains an open problem. In this paper, we propose a key-updating and authenticator-evolving mechanism with zero-knowledge privacy of the stored files for secure cloud data auditing, which incorporates zero knowledge proof systems, proxy resignatures and homomorphic linear authenticators. We instantiate our proposal with the state-of-the-art Shacham-Waters auditing scheme. When the cloud user needs to update his key, instead of downloading the entire file and re-generating all the authenticators, the user can just download and update the authenticators. This approach dramatically reduces the communication and computation cost while maintaining the desirable security. We formalize the security model of zero knowledge data privacy for auditing schemes in the keyupdating context and prove the soundness and zero-knowledge privacy of the proposed construction. Finally, we analyze the complexity of communication, computation and storage costs of the improved protocol which demonstrates the practicality of the proposal. Abstract. Data integrity is extremely important for cloud based storage services, where cloud users no longer have physical possession of their outsourced files. A number of data auditing mechanisms have been proposed to solve this problem. However, how to update a cloud user's private auditing key (as well as the authenticators those keys are associated with) without the user's re-possession of the data remains an open problem. In this paper, we propose a key-updating and authenticatorevolving mechanism with zero-knowledge privacy of the stored files for secure cloud data auditing, which incorporates zero knowledge proof systems, proxy re-signatures and homomorphic linear authenticators. We instantiate our proposal with the state-of-the-art Shacham-Waters auditing scheme. When the cloud user needs to update his key, instead of downloading the entire file and re-generating all the authenticators, the user can just download and update the authenticators. This approach dramatically reduces the communication and computation cost while maintaining the desirable security. We formalize the security model of zero knowledge data privacy for auditing schemes in the key-updating context and prove the soundness and zero-knowledge privacy of the proposed construction. Finally, we analyze the complexity of communication, computation and storage costs of the improved protocol which demonstrates the practicality of the proposal.

show abstract

Remote data checking using provable data possession

Cited by 327 publications

References 40 publications

Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage

Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage

Optimal Spot-Checking Ratio for Probabilistic Attacks in Remote Data Checking

Public Cloud Data Auditing with Practical Key Update and Zero Knowledge Privacy

Contact Info

Product

Resources

About