Paper 2017/941

CoRPA: A Novel Efficient Shared Data Auditing Protocol in Cloud Storage

Reyhaneh Rabaninejad and Mahmoud Ahmadian Attari and Maryam Rajabzadeh Asaar and Mohammad Reza Aref

Abstract

As data sharing has become one of the most popular features offered by cloud storage services, designing public auditing mechanisms for integrity of shared data stored at the cloud becomes much more important. Two unique problems which arise in shared data auditing mechanisms include preserving signer identity privacy and collusion resistant revocation of cloud users. When the data stored at the cloud is shared among a group of users, different users may modify different data blocks; therefore, data blocks are signed by different users which accordingly leak signer identities to the public verifier. Also, when a user is revoked from the group, the signatures generated by this user become invalid to the group and should be re-signed by the cloud server using re-signature keys. In addition, the collusion of cloud server who possess re-signature keys and the revoked user should leak no information about the private key of other users. In this paper, by employing a collusion resistant proxy re-signature scheme, we propose a public auditing mechanism for integrity of shared data that provides identity privacy and collusion resistant user revocation, simultaneously. We also formally prove the mentioned properties based on exact security definition and well-known hard problems in the random oracle model. To our best knowledge, this paper presents the first public auditing mechanism based on collusion resistant proxy re-signatures. Moreover, our protocol supports large dynamic group of users, batch verification of multiple auditing tasks and fully dynamic data operations, efficiently. Overhead analysis and experimental results demonstrate the excellent efficiency of our scheme in comparison to the state of the art.