A Security-Enhanced Identity-Based Batch Provable Data Possession Scheme for Big Data Storage

  • Zhao, Jining (School of Computer Science and Engineering, University of Electronic Science and Technology of China)
  • Xu, Chunxiang (School of Computer Science and Engineering, University of Electronic Science and Technology of China)
  • Chen, Kefei (Hangzhou Key Laboratory of Cryptography and Network Security, Hangzhou Normal University)
  • Received : 2017.11.02
  • Accepted : 2018.04.24
  • Published : 2018.09.30

Abstract

In the big data age, flexible and affordable cloud storage services greatly enhance productivity for enterprises and individuals, but at the same time leave their outsourced data susceptible to integrity breaches. Provable Data Possession (PDP), as a critical technology, can enable data owners to efficiently verify cloud data integrity without downloading an entire copy. To address the challenging integrity problem on multiple clouds for multiple owners, an identity-based batch PDP scheme was presented in ProvSec 2016, which attempted to eliminate the public key certificate management issue and reduce computation overheads in a secure, batched manner. In this paper, we first demonstrate that this scheme is insecure: any cloud whose outsourced data has been deleted or modified can efficiently pass integrity verification simply by using two arbitrary block-tag pairs of one data owner. Specifically, malicious clouds are able to fabricate integrity proofs by 1) universally forging valid tags and 2) recovering data owners' private keys. Second, to enhance security, we propose an improved scheme that withstands these attacks, and prove its security under the CDH assumption in the random oracle model. Finally, based on simulations and overhead analysis, our batch scheme demonstrates better efficiency compared to an identity-based multi-cloud PDP scheme with single owner effort.


Cited by

  1. Secure and Efficient Privacy-Preserving Identity-Based Batch Public Auditing with Proxy Processing vol.13, pp.2, 2019, https://doi.org/10.3837/tiis.2019.02.030