Cryptology ePrint Archive: Report 2015/633

An Efficient ID-Based Message Recoverable Privacy-Preserving Auditing Scheme

Mehmet Sabır Kiraz, İsa Sertkaya, Osmanbey Uzunkol

Abstract: One of the most important benefits of public cloud storage is outsourcing of management and maintenance with easy accessibility and retrievability over the internet. However, outsourcing data on the cloud brings new challenges such as integrity verification and privacy of data. More concretely, once the users outsource their data on the cloud they have no longer physical control over the data and this leads to the integrity protection issue. Hence, it is crucial to guarantee proof of data storage and integrity of the outsourced data. Several pairing-based au- diting solutions have been proposed utilizing the Boneh-Lynn-Shacham (BLS) short signatures. They basically provide a desirable and efficient property of non-repudiation protocols. In this work, we propose the first ID-based privacy-preserving public auditing scheme with message recov- erable signatures. Because of message recoverable auditing scheme, the message itself is implicitly included during the verification step that was not possible in previously proposed auditing schemes. Furthermore, we point out that the algorithm suites of existing schemes is either insecure or very inefficient due to the choice of the underlying bilinear map and its baseline parameter selections. We show that our scheme is more ef- ficient than the recently proposed auditing schemes based on BLS like short signatures.

Category / Keywords: applications / Data storage, public auditability, privacy preserving, message recoverable signatures, bilinear maps

Original Publication (in the same form): 13th Annual IEEE Conference on Privacy, Security and Trust (PST 2015)

Date: received 26 Jun 2015

Contact author: isa sertkaya at tubitak gov tr

Available format(s): PDF | BibTeX Citation

Version: 20150630:190131 (All versions of this report)

Short URL: ia.cr/2015/633

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]