Cryptology ePrint Archive: Report 2015/645

Improvements on Efficient Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy

Clémentine Gritti, Willy Susilo, Thomas Plantard and Rongmao Chen

Abstract: An efficient Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy was recently published in ACISP'15. It appears that three attacks menace this scheme. The first one enables the server to store only one block of a file $m$ and still pass the data integrity verification on any number of file blocks. The second attack permits the server to keep the old version of a file block $m_{i}$ and the corresponding verification metadata $T_{m_{i}}$ after the client asked to modify them by sending the new version of these elements, and still pass the data integrity verification. The last attack allows the Third Party Auditor (TPA) to distinguish files when processing the data integrity checking.

In this paper, we propose several solution to overcome all the aforementioned issues. For the two first attacks, we give two new constructions of the scheme, one using index-hash tables and the other based on the Merkle hash trees. We compare the efficiency of these two new systems with the previous one. For the third attack, we suggest a weaker security model for data privacy without modifying the current scheme and a new construction to enhance the security and to achieve the strongest data privacy notion.

Category / Keywords: Cloud Storage Server, Provable Data Possession, Dynamicity, Public Verifiability, Data Privacy

Date: received 29 Jun 2015, last revised 29 Jun 2015

Contact author: cjpg967 at uowmail edu au

Available format(s): PDF | BibTeX Citation

Note: correcting typos

Version: 20150701:004717 (All versions of this report)

Short URL: ia.cr/2015/645

Discussion forum: Show discussion | Start new discussion