Paper 2012/276

Official Arbitration with Secure Cloud Storage Application

Alptekin Küpçü

Abstract

Static and dynamic proof of storage schemes have been proposed for use in secure cloud storage scenarios. In this setting, a client outsources storage of her data to a server, who may, willingly or not, corrupt the data (e.g., due to hardware or software failures), or delete infrequently accessed parts to save space. Most of the existing schemes only solve part of this problem: The client may ask for a cryptographic proof of integrity from the server. But what happens if this proof fails to verify? We argue that in such a case, both the client and the server should be able to contact an official court, providing cryptographic proofs, so that the Judge can resolve this dispute. We show that this property is stronger than what has been known as public verifiability in the sense that official arbitration should handle a malicious client as well. We clearly show this formalization difference, and then present multiple schemes that work for various static and dynamic storage solutions in a generic way. We implement our schemes and show that they are very efficient, diminishing the validity of arguments against their use, where the overhead for adding the ability to resolve such disputes at a court is only 2 ms and 80 bytes for each update on the stored data, using standard desktop hardware. Finally, we note that disputes may arise in many other situations, such as when two parties exchange items (e.g., e-commerce) or agree on something (e.g., contract-signing). We show that it is easy to extend our official arbitration protocols for a general case, including dynamic authenticated data structures.

Note: This paper provides stronger guarantees than "public verifiability" in cloud storage systems, and is applicable in general to almost any such system.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
fair exchangeapplicationselectronic commerce and paymentcloud storage
Contact author(s)
akupcu @ ku edu tr
History
2013-03-06: last of 3 revisions
2012-05-29: received
See all versions
Short URL
https://ia.cr/2012/276
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/276,
      author = {Alptekin Küpçü},
      title = {Official Arbitration with Secure Cloud Storage Application},
      howpublished = {Cryptology ePrint Archive, Paper 2012/276},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/276}},
      url = {https://eprint.iacr.org/2012/276}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.