Efficient chameleon hashing-based privacy-preserving auditing in cloud storage

详细信息    查看全文

• 作者：Jianhong Zhang ; Xubing Zhao
• 关键词：Identity privacy ; Chameleon hashing ; The CDH problem ; Cloud storage ; Data integrity checking
• 刊名：Cluster Computing
• 出版年：2016
• 出版时间：March 2016
• 年：2016
• 卷：19
• 期：1
• 页码：47-56
• 全文大小：924 KB
• 参考文献：1.Ateniese, S.G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable Data Possession at Untrusted Stores. In: Proc. 14th ACM Conf. Computer and Comm. Security (CCS’07), pp. 598–609. (2007)
  2.Ateniese, G., Kamara, S., Katz, J.: Proofs of Storage from Homomorphic Identification Protocols. In: Proc. Intl Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology, pp. 319–333. (2009)
  3.Boneh, D., Boyen, X., Shacham, H.: Short group signatures. In: Proc. Adv. CryptologyCrypto, Ser. LNCS, vol. 3152, pp. 41–45. Springer New York (2004)
  4.Boneh, Dan, Lynn, Ben, Shacham, Hovav: Short signatures from the weil pairing. J. Cryptol. 17, 297–319 (2004)MathSciNet CrossRef MATH
  5.Chang, E.-C., Xu, J.: Remote Integrity Check with Dishonest Storage Server. In: Proc. 13th European Symp. Research in Computer Security (ESORICS’08), pp. 223–237. (2008)
  6.Guo, S., Zeng, D., Xiang, Y.: Chameleon hashing for secure and privacy-preserving vehicular communications. IEEE Trans. Parallel Distrib. Syst. 25, 2794–2803 (2014)CrossRef
  7.jpbc: http://​gas.​dia.​unisa.​it/​projects/​jpbc/​
  8.Juels, A., Kaliski B.S. Jr.: Pors: Proofs of Retrievability for Large Files. In: Proc. 14th ACM Conf. Computer and Comm. Security (CCS’07), pp. 584–597. (2007)
  9.Liu, Z., Li, J., Chen, X., Yang, J., Jia, C.: TMDS: Thin-Model Data Sharing Scheme Supporting Keyword Search in Cloud Storage. In: ACISP 2014. LNCS, vol. 8544, pp. 115–130. (2014)
  10.Lu, R., Lin, X., Luan, T.H., Liang, X., Shen, X.: Pseudonym changing at social spots: an effective strategy for location privacy in VANETs. IEEE Trans. Veh. Technol. 61(1), 86–96 (2012)CrossRef
  11.Ren, K., Wang, C., Wang, Q.: Security challenges for the public cloud. IEEE Internet Comput. 16(1), 69–73 (2012)CrossRef
  12.Sebe, F., Domingo-Ferrer, J., Martnez-Balleste, A., Deswarte, Y., Quisquater, J.-J.: Efficient remote data possession checking in critical information infrastructures. IEEE Trans. Knowl. Data Eng. 20(8), 1034–1038 (2008)CrossRef
  13.Shacham, H., Waters, B.: Compact Proofs of Retrievability. In: Proc. 14th Intl Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’08), pp. 90–107. (2008)
  14.Shah, M.A., Baker, M., Mogul, J.C., Swaminathan, R.: Auditing to Keep Online Storage Services Honest. In: Hunt, G.C. (ed.) Proc. 11th USENIX Workshop Hot Topics in Operating Systems (HOTOS). (2007)
  15.Wang, B., Li, B., Li, H., Li, F.: Certificateless Public Auditing for Data integrity in the Cloud. In: CNS 2013, pp. 276–284. (2013)
  16.Wang, B., Li, B., Li, H.: Knox: privacy-preserving auditing for shared data with large groups in the cloud. In: Proc. of ACNS 2012, pp. 507–525
  17.Wang, B., Li, B., Li, H.: Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud. In: The Proceedings of IEEE Cloud 2012, pp. 295–302. (2012)
  18.Wang, B., Li, B., Li, H.: Public Auditing for Shared Data with Efficient User Revocation in the Cloud. In: The Proceedings of the 32nd IEEE International Conference on Computer Communications (INFOCOM 2013), pp.2904–2912
  19.Wang, C., Wang, Q., Ren, K., Lou, W.: Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing. In: Proc. IEEE INFOCOM, pp. 525–533. (2010)
  20.Wang, C., Ren, K., Lou, W., Li, J.: Toward publicly auditable secure cloud data storage services. IEEE Netw. 24(4), 19–24 (2010)CrossRef
  21.Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)CrossRef
  22.Wang, B., Li, H., Liu, X., Li, X., Li, F.: Preserving identity privacy on multi-owner cloud data during public verification. Secur. Commun. Netw. 7, 2104–2113 (2014). doi:10.​1002/​sec.​922 MathSciNet CrossRef
  23.Yamamoto, G., Oda, S., Aoki, K.: Fast Integrity for Large Data. In: Proc. ECRYPT Workshop Software Performance Enhancement for Encryption and Decryption, pp. 21–32. (2007)
  24.Yu, Y., Niu, L., Yang, G., Mu, Y., Susilo, W.: On the security of auditing mechanisms for secure cloud storage. Future Gen. Comput. Syst. 30(1), 127–132 (2014)CrossRef
  25.Zeng, K.: Publicly Verifiable Remote Data Integrity. In: Proc. 10th Intel Conf. Information and Comm. Security, pp. 419–434. (2008)
  26.Zhang, J., Yu, Y.: Short computational Diffie Chellman-based proxy signature scheme in the standard model. Int. J. Commun. Syst. 27(10), 1894–1907 (2014)CrossRef
  27.Zhu, Y., Wang, H., Hu, Z., Ahn, G.-J., Hu, H., Yau, S.S.: Dynamic Audit Services for Integrity Verification of Outsourced Storages in Clouds. In: Proc. ACM Symp. Applied Computing, pp. 1550–1557. (2011)
  28.Zhu, Y., Hu, H., Ahn, G., Yu, M.: Cooperative provable data possession for integrity verification in multi-cloud storage. IEEE Trans. Parallel Distrib. Syst. 23(12), 2231–2244 (2012)CrossRef
  
• 作者单位：Jianhong Zhang (1)
  Xubing Zhao (2)
  
  1. College of Sciences, North China University of Technology, Beijing, China
  2. School of Electronic and Information Engineering, North China University of Technology, Beijing, China
  
• 刊物类别：Computer Science
• 刊物主题：Processor Architectures
  Operating Systems
  Computer Communication Networks
  
• 出版者：Springer Netherlands
• ISSN：1573-7543

文摘

Cloud storage is an important application service in cloud computing, it allows data users to store and access their files anytime, from anywhere and with any device. To ensure the security of the outsourced data, data user needs to periodically check data integrity. In some cases, the identity privacy of data user must be protected. However, in the existing preserving identity privacy protocols, data tag generation is mainly based on complex ring signature or group signature. It brings a heavy burden to data user. To ensure identity privacy of data user, in this paper we propose a novel identity privacy-preserving public auditing protocol by utilizing chameleon hash function. It can achieve the following properties: (1) the identity privacy of data user is preserved for cloud server; (2) the validity of the outsourced data is verified; (3) data privacy can be preserved for the auditor in auditing process; (4) computation cost to produce data tag is very low. Finally, we also show that our scheme is provably secure in the random oracle model, the security of the proposed scheme is related to the computational Diffie–Hellman problem and hash function problem.