Paper 2015/645

New Dynamic Provable Data Possession Protocols with Public Verifiability and Data Privacy

Clémentine Gritti, Rongmao Chen, Willy Susilo, and Thomas Plantard

Abstract

An efficient Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy was recently published in ACISP'15. It appears that three attacks menace this scheme. The first one enables the server to store only one block of a file $m$ and still pass the data integrity verification on any number of file blocks. The second attack permits the server to keep the old version of a file block $m_i$ and the corresponding verification metadata $T_{m_i}$, after the client asked to modify them by sending the new version of these elements, and still pass the data integrity verification. The last attack allows the Third Party Auditor (TPA) to distinguish files when proceeding the data integrity checking, without accessing their contents. In this paper, we propose several solutions to overcome all the aforementioned issues. For the two first attacks, we give two new constructions of the scheme, one using Index Hash Tables and the other based on the Merkle Hash Trees. We compare the efficiency of these two new systems with the previous one. For the third attack, we suggest a weaker security model for data privacy that applies to the new construction based on the Index Hash Tables, and we use the existing strong model to prove the data privacy security for the new construction using Merkle Hash Trees.

Note: Some parts of the paper are put in an appendix.