Paper 2009/281

Enabling Public Verifiability and Data Dynamics for Storage Security

Qian Wang, Cong Wang, Jin Li, Kui Ren, and Wenjing Lou

Abstract

Cloud Computing has been envisioned as the next-generation architecture of IT Enterprise. It moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. This unique paradigm brings about many new security challenges, which have not been well understood. This work studies the problem of ensuring the integrity of data storage in Cloud Computing. In particular, we consider the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the dynamic data stored in the cloud. The introduction of TPA eliminates the involvement of client through the auditing of whether his data stored in the cloud is indeed intact, which can be important in achieving economies of scale for Cloud Computing. The support for data dynamics via the most general forms of data operation, such as block modification, insertion and deletion, is also a significant step toward practicality, since services in Cloud Computing are not limited to archive or backup data only. While prior works on ensuring remote data integrity often lacks the support of either public verifiability or dynamic data operations, this paper achieves both. We first identify the difficulties and potential security problems of direct extensions with fully dynamic data updates from prior works and then show how to construct an elegant verification scheme for seamless integration of these two salient features in our protocol design. In particular, to achieve efficient data dynamics, we improve the Proof of Retrievability model \cite{Shacham:ASIACRYPT:2008} by manipulating the classic Merkle Hash Tree (MHT) construction for block tag authentication. Extensive security and performance analysis show that the proposed scheme is highly efficient and provably secure.

Note: Revise Section 3.4 (discussion on design considerations).

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Accepted by ESORICS 2009
Keywords
cryptographic protocols
Contact author(s)
willwq @ msn com
History
2011-11-10: last of 5 revisions
2009-06-16: received
See all versions
Short URL
https://ia.cr/2009/281
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/281,
      author = {Qian Wang and Cong Wang and Jin Li and Kui Ren and Wenjing Lou},
      title = {Enabling Public Verifiability and Data Dynamics for Storage Security},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/281},
      year = {2009},
      url = {https://eprint.iacr.org/2009/281}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.