Cryptology ePrint Archive: Report 2008/186

Privacy-Preserving Audit and Extraction of Digital Contents

Mehul A. Shah and Ram Swaminathan and Mary Baker

Abstract: A growing number of online services, such as Google, Yahoo!, and Amazon, are starting to charge users for their storage. Customers often use these services to store valuable data such as email, family photos and videos, and disk backups. Today, a customer must entirely trust such external services to maintain the integrity of hosted data and return it intact. Unfortunately, no service is infallible.

To make storage services accountable for data loss, we present protocols that allow a third-party auditor to periodically verify the data stored by a service and assist in returning the data intact to the customer. Most importantly, our protocols are privacy-preserving, in that they never reveal the data contents to the auditor. Our solution removes the burden of verification from the customer, alleviates both the customerís and storage serviceís fear of data leakage, and provides a method for independent arbitration of data retention contracts.

Category / Keywords: applications / storage, auditing, extraction, retrievability, digital preservation, privacy

Publication Info: Also available as HPL Technical Report No. HPL-2008-32

Date: received 25 Apr 2008, last revised 25 Apr 2008

Contact author: mehul shah at hp com

Available format(s): PDF | BibTeX Citation

Version: 20080429:152215 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]