Cryptology ePrint Archive: Report 2012/276

Official Arbitration with Secure Cloud Storage Application

Alptekin Kp

Abstract: Static and dynamic proof of storage schemes have been proposed for use in secure cloud storage scenarios. In this setting, a client outsources storage of her data to a server, who may, willingly or not, corrupt the data (e.g., due to hardware or software failures), or delete infrequently accessed parts to save space. Most of the existing schemes only solve part of this problem: The client may ask for a cryptographic proof of integrity from the server. But what happens if this proof fails to verify?

We argue that in such a case, both the client and the server should be able to contact an official court, providing cryptographic proofs, so that the Judge can resolve this dispute. We show that this property is stronger than what has been known as public veri ability in the sense that official arbitration should handle a malicious client as well. We clearly show this formalization difference, and then present multiple schemes that work for various static and dynamic storage solutions in a generic way. We implement our schemes and show that they are very efficient, diminishing the validity of arguments against their use, where the overhead for adding the ability to resolve such disputes at a court is only 2 ms and 80 bytes for each update on the stored data, using standard desktop hardware.

Finally, we note that disputes may arise in many other situations, such as when two parties exchange items (e.g., e-commerce) or agree on something (e.g., contract-signing). We show that it is easy to extend our official arbitration protocols for a general case, including dynamic authenticated data structures.

Category / Keywords: cryptographic protocols / fair exchange,applications,electronic commerce and payment,cloud storage

Date: received 16 May 2012, last revised 6 Mar 2013

Contact author: akupcu at ku edu tr

Available format(s): PDF | BibTeX Citation

Note: This paper provides stronger guarantees than "public verifiability" in cloud storage systems, and is applicable in general to almost any such system.

Version: 20130306:153719 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]