Jiangang Shu,Xing Zou,Xiaohua Jia,Weizhe Zhang,Ruitao Xie

DOI: https://doi.org/10.1109/tcc.2021.3051622

IF: 5.697

2022-01-01

IEEE Transactions on Cloud Computing

Abstract:Public auditing schemes for cloud storage systems have been extensively explored with the increasing importance of data integrity. A third-party auditor (TPA) is introduced in public auditing schemes to verify the integrity of outsourced data on behalf of users. To resist malicious TPAs, many blockchain-based public verification schemes have been proposed. However, existing auditing schemes rely on a centralized TPA, and they are vulnerable to tempting auditors who may collude with malicious blockchain miners to produce biased auditing results. In this article, we propose a blockchain-based decentralized public auditing (BDPA) scheme by utilizing a decentralized blockchain network to undertake the responsibility of a centralized TPA, and also mitigate the influence of tempting auditors and malicious blockchain miners by taking the concept of decentralized autonomous organization (DAO). A detailed security analysis shows that BDPA can preserve data integrity against tempting auditors and malicious blockchain miners. A comprehensive performance evaluation demonstrates that BDPA is feasible and scalable.

Wenyu Xiang,Jie Zhao,Hejiao Huang,Xiaojun Zhang,Zoe Lin Jiang,Daojing He

DOI: https://doi.org/10.1007/978-981-97-0801-7_17

2024-01-01

Abstract:Public auditing mechanism can delegate a third-party auditor (TPA) to check the remote data integrity on behalf of data owners. However, the TPA, as an idealized and benefit-oriented entity, may not provide correct auditing results on time. To date, a large number of public auditing schemes utilize the booming blockchain technique to resist dishonest TPA, but most of them are vulnerable to malicious miners who attempt to manipulate the randomness of auditing challenge generation. In this paper, we propose a novel Blockchain-assisted Privacy-preserving Public Auditing scheme, named BPPA. The BPPA scheme utilizes a smart contract deployed on the Ethereum blockchain to replace the TPA. To eliminate the impact of malicious miners, the smart contract employs unpredictable hash values of the nearest Ethereum blocks to generate the index locators. These locators segmentally produce index subsets of challenged data blocks, ensuring the unpredictability of auditing challenge messages. Meanwhile, BPPA achieves conditional identity anonymity for data owners through the employment of identity-based public key cryptography and key exchange technique. We prove the security of our scheme based on the computational Diffie-Hellman assumption and the discrete logarithm assumption. Furthermore, we analyze the performance from theoretical and experimental aspects, and the evaluation results demonstrate that our auditing scheme is effective and efficient.

Ying Miao,Qiong Huang,Meiyan Xiao,Hongbo Li

DOI: https://doi.org/10.1109/ACCESS.2020.3013153

IF: 3.9

2020-01-01

IEEE Access

Abstract:Cloud storage systems provide a flexible, convenient and friendly way for users to outsource data. However, users lose control of their data once outsourcing them to the cloud. Public auditing was introduced to ensure data integrity, in which a third-party auditor (TPA) is delegated to execute auditing tasks. In general, TPA generates and sends challenge information to the cloud server (CS), which proves data possession accordingly. However, the TPA may not perform public auditing protocol honestly or may even collude with CS to deceive users. Some existing public auditing schemes utilize blockchain to resist against the malicious TPA. However, the CS may guess the challenge messages and there is a risk that users' information may be leaked to the TPA during the process of auditing. In this paper, we propose a decentralized and privacy-preserving public auditing scheme based on blockchain (DBPA), in which a blockchain is utilized as an unpredictable source for the generation of (random) challenge information, and the auditor is required to record the audit process onto the blockchain. Due to the characteristics of blockchain, users can check the audit results publicly. Moreover, zero-knowledge proof is used in DBPA to protect user's privacy during the audit process so that the response information returned by the CS does not leak information about user's data. Security analysis and performance evaluation show that DBPA is secure and efficient.

Shanshan Li,Chunxiang Xu,Yuan Zhang,Anjia Yang,Xinsheng Wen,Kefei Chen

DOI: https://doi.org/10.1007/978-3-030-71852-7_14

2020-01-01

Abstract:Public integrity auditing enables a user to delegate a third-party auditor (TPA) to periodically audit the integrity of the outsourced data. Whereas, the security of public auditing schemes relies on the trustworthiness of TPA: once TPA misbehaves, the data integrity auditing would be invalidated. In this paper, we propose a blockchain-based efficient public integrity auditing scheme to resist misbehaved TPA, where the user is required to check the behaviors of TPA in a much longer period compared with that of the data integrity auditing performed by TPA. To free users from heavy computation costs during the checking, our scheme uses two key techniques. We first design a smart contract to (1) enable TPA to record each auditing entry (which records the information about each auditing task) into the blockchain and (2) ensure the validity of each recorded entry. Then, we propose an auditing record chain built on the Ethereum blockchain to link all auditing entries corresponding to the same data in the chronological order. By doing so, the user only needs to check the last auditing entry generated by TPA to verify the trustworthiness of TPA (i.e., whether TPA has correctly performed the prescribed auditing tasks). Compared with existing schemes, where the user has to check multiple entries one by one, our scheme achieves the same security guarantee with constant and low costs in terms of communication and computation.

Haoming Wang,Yuanhang Zhang,Xu An Wang,Xiaoyuan Yang

DOI: https://doi.org/10.1016/j.heliyon.2024.e36273

IF: 3.776

2024-08-20

Heliyon

Abstract:With the rapid development of informatization, a vast amount of data is continuously generated and accumulated, leading to the emergence of cloud storage services. However, data stored in the cloud is beyond the control of users, posing various security risks. Cloud data auditing technology enables the inspection of data integrity in the cloud without the necessity of data downloading. Among these, public auditing schemes have experienced rapid development due to their ability to avoid additional user auditing expenses. However, malicious third-party auditors can compromise data privacy. This paper proposes an improved identity-based cloud auditing scheme that can resist malicious auditors. This scheme is also constructed on an identity-based public auditing scheme using blockchain to prevent malicious auditing. We found the scheme is not secure because a malicious cloud server can forge authentication tags for outsourced data blocks, while our scheme has not these security flaws. Through security proofs and performance analysis, we further demonstrate that our scheme is secure and efficient. Additionally, our scheme has typical application scenarios.

Yilin Yuan,Jianbiao Zhang,Wanshan Xu,Zheng Li

DOI: https://doi.org/10.1007/s11227-021-04193-6

IF: 3.3

2022-01-10

The Journal of Supercomputing

Abstract:Almost all existing data integrity verification schemes upload outsourced files and tags set to the CSP simultaneously. Thus, in this paper, we provide a novel idea to construct the integrity verification scheme via blockchain. The construction of the proposed scheme is based on identity-based encryption (IBE) which avoids the complex certificate management caused by the public key infrastructure (PKI). Our scheme decides to upload tags set to the blockchain to achieve the separate storage of the tags set and files. The characteristics of the blockchain determine that the tags set will not be forged. But separate storage may cause the information returned by the three parties participating in the public auditing to be out of sync; thus, a small data structure—audit log is introduced to solve this problem. The advantages of audit log can not only guarantee the correct and smooth implementation of the proposed scheme, but also prove the TPA’s innocence when necessary. Moreover, the security of our scheme is strictly proved. Finally, a series of performance evaluations demonstrate that our scheme is efficient and feasible.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Yangfei Lin,Jie Li,Shigetomo Kimura,Yongbing Zhang,Yusheng Ji,Yang

DOI: https://doi.org/10.1109/icpads53394.2021.00066

2021-01-01

Abstract:Cloud storage services offer flexible, convenient solutions for business and personal users to store data. Traditionally, Third Party Auditors (TPAs) are introduced to ensure data integrity for public auditing. However, TPAs may also be untrusted for forging the auditing results or colluding with cloud storage servers to deceive users. In this paper, we propose a novel Blockchain-based Public Audi...

Jiahao Jiang,Xiao Tan,Lidong Han,Qi Xie,Shengbao Wang

DOI: https://doi.org/10.1109/access.2023.3295248

IF: 3.9

2023-01-01

IEEE Access

Abstract:We propose a credible alliance-chain-based public auditing scheme (CACPA) to properly address the trust problem of third-party auditor (TPA) in the traditional audit scheme for cloud storage. Based on the non-tamperability and traceability of blockchain, we design a novel incentive mechanism to enforce honest and reliable behaviors of TPA. The basic idea is to organize TPA as a group of blockchain nodes conducting mutual surveillance. Any behavior of a TPA node will be inspected by other nodes to maintain good reputation of the group, and malicious behaviors will bring severe punishments. Accordingly, we develop system model of the proposed CACPA, as well as smart contracts to deal with transactions-related issues, such as dispute resolution. Finally, performance evaluation validates that our scheme enjoys acceptable efficiency and suits for real-world applications.

computer science, information systems,telecommunications,engineering, electrical & electronic

Cong Wang,Qian Wang,Kui Ren,Wenjing Lou

DOI: https://doi.org/10.1109/tc.2011.245

2013-01-01

Abstract:Cloud Computing is the long dreamed vision of computing as a utility, where users can remotely store their data into the cloud so as to enjoy the on-demand high quality applications and services from a shared pool of configurable computing resources. By data outsourcing, users can be relieved from the burden of local data storage and maintenance. However, the fact that users no longer have physical possession of the possibly large size of outsourced data makes the data integrity protection in Cloud Computing a very challenging and potentially formidable task, especially for users with constrained computing resources and capabilities. Thus, enabling public auditability for cloud data storage security is of critical importance so that users can resort to an external audit party to check the integrity of outsourced data when needed. To securely introduce an effective third party auditor (TPA), the following two fundamental requirements have to be met: 1) TPA should be able to efficiently audit the cloud data storage without demanding the local copy of data, and introduce no additional on-line burden to the cloud user; 2) The third party auditing process should bring in no new vulnerabilities towards user data privacy. In this paper, we utilize and uniquely combine the public key based homomorphic authenticator with random masking to achieve the privacy-preserving public cloud data auditing system, which meets all above requirements. To support efficient handling of multiple auditing tasks, we further explore the technique of bilinear aggregate signature to extend our main result into a multi-user setting, where TPA can perform multiple auditing tasks simultaneously. Extensive security and performance analysis shows the proposed schemes are provably secure and highly efficient.

Yapeng Miao,Ying Miao,Xuexue Miao

DOI: https://doi.org/10.1002/cpe.8285

2024-09-29

Concurrency and Computation Practice and Experience

Abstract:Summary Cloud storage provides a convenient way of collaboration and sharing. An increasing number of users are becoming more open to sharing their data with others. Consequently, the integrity of shared data has started to draw significant attention due to the loss control of it. Remote data integrity techniques can solve this problem. To resist the collusion between the third party auditor and the cloud server, existing integrity auditing schemes utilize blockchain to replace the third party auditor to do some work. However, these schemes still involve collusion between the third party auditor and the miners and cannot guarantee the third party auditor to execute the auditing process honestly. Considering this, we propose a blockchain‐based transparent and certificateless data integrity auditing scheme. Specifically, we design the smart contract combining the commitment technology to generate the challenge information and record the auditing information. Besides, we combine certificateless cryptography and the blind technology to achieve the privacy‐preserving. The proposed scheme can resist collusion, improve the transparency of the auditing process, protect the data privacy and reduce the overhead of certificate management and key management. The security analysis and performance evaluation demonstrate the security and efficiency of the scheme.

computer science, theory & methods, software engineering

Vamshi Adouth,Eswari Rajagopal

DOI: https://doi.org/10.1002/cpe.7690

2023-03-11

Concurrency and Computation: Practice and Experience

Abstract:Summary Cloud‐server is an effective and flexible way to manage the massive amounts of data produced by cyber‐physical systems. It is a better option to outsource these data to the cloud. When data is outsourced to the cloud, users lose control over it, compromising the data's integrity. Many public auditing schemes were proposed to address this issue, where trusted third‐party auditors (TPAs) verify the integrity of data on behalf of the users. However, trusted TPAs are vulnerable and may not provide correct auditing results on time. Moreover, there is no trust nowadays. Blockchain‐based auditing schemes were introduced to prevent trusted third parties from overcoming this issue. However, most blockchain‐based public auditing schemes suffer from the key‐escrow issue. To overcome the key‐escrow problem and malicious auditors, in this article, a blockchain‐based certificateless public auditing with privacy‐preserving for cloud‐based cyber‐physical systems is constructed. The proposed scheme is secure against type I, II, III, and IV adversaries in the random oracle model. Further, the original proof of the data is masked using a random function to achieve data privacy when data is transferred between the cloud‐server and verifier. The performance analysis shows that the proposed scheme has higher efficiency and is suitable for cyber‐physical systems.

computer science, theory & methods, software engineering

Hao Wang,Hong Qin,Minghao Zhao,Xiaochao Wei,Hua Shen,Willy Susilo

DOI: https://doi.org/10.1016/j.ins.2020.01.051

IF: 8.1

2020-01-01

Information Sciences

Abstract:Cloud storage plays an important role in today’s cloud ecosystem. Increasingly clients tend to outsource their data to the cloud. In spite of its copious advantages, integrity has always been a significant issue. The audit method is commonly used to ensure integrity in cloud scenarios. However, traditional auditing schemes expect a third-party auditor (TPA), which is not always available in the real world. Also, the former scheme implies a limited pay-as-you-go service, as it requires the client to pay for the service in advance. In this paper, we aim to address the aforementioned drawback by adopting blockchain to replace TPA and designing a blockchain-based fair payment smart contract for public cloud storage auditing. In our system, data owner and cloud service provider (CSP) will run a blockchain-based smart contract. The contract ensures that the CSP is required to submit data possession proof regularly. The CSP gets paid only if the verification is passed; otherwise, it gets no remuneration but has to pay the penalties. To reduce the number of interactions in the execution of contract, we present the notion of non-interactive public provable data possession and design a blockchain-based smart contract for public cloud storage auditing based on this primitive.

Cheng Zhang,Yang Xu,Yupeng Hu,Jiajing Wu,Ju Ren,Yaoxue Zhang

DOI: https://doi.org/10.1109/tcc.2021.3057771

IF: 5.697

2022-01-01

IEEE Transactions on Cloud Computing

Abstract:Network storage services have benefited countless users worldwide due to the notable features of convenience, economy and high availability. Since a single service provider is not always reliable enough, more complex multi-cloud storage systems are developed for mitigating the data corruption risk. While a data auditing scheme is still needed in multi-cloud storage to help users confirm the integrity of their outsourced data. Unfortunately, most of the corresponding schemes rely on trusted institutions such as the centralized third-party auditor (TPA) and the cloud service organizer, and it is difficult to identify malicious service providers after service disputes. Therefore, we present a blockchain-based multi-cloud storage data auditing scheme to protect data integrity and accurately arbitrate service disputes. We not only introduce the blockchain to record the interactions among users, service providers, and organizers in data auditing process as evidence, but also employ the smart contract to detect service dispute, so as to enforce the untrusted organizer to honestly identify malicious service providers. We also use the blockchain network and homomorphic verifiable tags to achieve the low-cost batch verification without TPA. Theoretical analyses and experiments reveal that the scheme is effective in multi-cloud environments and the cost is acceptable.

Jining Zhao,Chunxiang Xu,Fagen Li,Wenzheng Zhang

DOI: https://doi.org/10.1587/transfun.E96.A.2709

2013-01-01

Abstract:In the Cloud computing era, users could have their data outsourced to cloud service provider (CSP) to enjoy on-demand high quality service. On the behalf of the user, a third party auditor (TPA) which could verify the real data possession on CSP is critically important. The central challenge is to build efficient and provably secure data verification scheme while ensuring that no users' privacy is leaked to any unauthorized party, including TPA. In this paper, we propose the first identity-based public verification scheme, based on the identity-based aggregate signature (IBAS). In particular, by minimizing information that verification messages carry and TPA obtains or stores, we could simplify key management and greatly reduce the overheads of communication and computation. Unlike the existing works based on certificates, in our scheme, only a private key generator (PKG) has a traditional public key while the user just keeps its identity without binding with certificate. Meanwhile, we utilize privacy-preserving technology to keep users' private data off TPA. We also extend our scheme with the support of batch verification task to enable TPA to perform public audits among different users simultaneously. Our scheme is provably secure in the random oracle model under the hardness of computational Diffie-Hellman assumption over pairing-friendly groups and Discrete Logarithm assumption.

Yuan Zhang,Chunxiang Xu,Xiaodong Lin,Xuemin Shen

DOI: https://doi.org/10.1109/tcc.2019.2908400

IF: 5.697

2019-01-01

IEEE Transactions on Cloud Computing

Abstract:The deployment of cloud storage services has significant benefits in managing data for users. However, it also causes many security concerns, and one of them is data integrity. Public verification techniques can enable a user to employ a third-party auditor to verify the data integrity on behalf of her/him, whereas existing public verification schemes are vulnerable to procrastinating auditors who may not perform verifications on time. Furthermore, most of public verification schemes are constructed on the public key infrastructure (PKI), and thereby suffer from certificate management problem. In this paper, we propose a certificateless public verification scheme against procrastinating auditors (CPVPA) by using blockchain technology. The key idea is to require auditors to record each verification result into a transaction on a blockchain. Because transactions on the blockchain are time-sensitive, the verification can be time-stamped after the transaction is recorded into the blockchain, which enables users to check whether auditors perform the verifications at the prescribed time. Moreover, CPVPA is built on certificateless cryptography, and is free from the certificate management problem. We present rigorous security proofs to demonstrate the security of CPVPA, and conduct a comprehensive performance evaluation to show that CPVPA is efficient.

Solomon Guadie Worku,Chunxiang Xu,Jining Zhao,Xiaohu He

DOI: https://doi.org/10.1016/j.compeleceng.2013.10.004

2014-01-01

Abstract:Cloud computing poses many challenges on integrity and privacy of users' data though it brings an easy, cost-effective and reliable way of data management. Hence, secure and efficient methods are needed to ensure integrity and privacy of data stored at the cloud. Wang et al. proposed a privacy-preserving public auditing protocol in 2010 but it is seriously insecure. Their scheme is vulnerable to attacks from malicious cloud server and outside attackers regarding to storage correctness. So they proposed a scheme in 2011 with an improved security guarantee but it is not efficient. Thus, in this paper, we proposed a scheme which is secure and with better efficiency. It is a public auditing scheme with third party auditor (TPA), who performs data auditing on behalf of user(s). With detail security analysis, our scheme is proved secure in the random oracle model and our performance analysis shows the scheme is efficient.

Rahul Mishra,Dharavath Ramesh,Damodar Reddy Edla,Munesh Chandra Trivedi

DOI: https://doi.org/10.1007/s10586-021-03508-9

2022-01-27

Cluster Computing

Abstract:Cloud storage offers users to manage their remote data more efficiently. However, it comes with the threat of severe security concerns, i.e., integrity. Public auditing models have been intensively researched with the growing importance of data integrity. These public auditing models employed a third-party auditor (TPA) to check the integrity of stored data on behalf of users. However, these models are susceptible to procrastinating auditors who may not conduct the scheduled auditing on time. Therefore, this paper introduces a blockchain-based methodology to employ a certificateless public auditing model against malicious and procrastinating auditors with efficient user revocation to address these issues. It enables the storage of immutable time-stamped auditing results as a transaction on the blockchain. So, the users can verify whether TPA performs the auditing task on the scheduled time. This model supports efficient batch auditing in multiple cloud servers without an additional trusted organizer. A formal security analysis guarantees the computational intractability and the performance analysis illustrates the feasibility and practicability of the model.

Hong Lei,Zijian Bao,Qinghao Wang,Yongxin Zhang,Wenbo Shi

DOI: https://doi.org/10.1007/978-981-15-9213-3_21

2020-01-01

Abstract:With the continuous growth of data resources, outsourcing data storage to cloud service providers is becoming the norm. Unfortunately, once data are stored on the cloud platform, they will be out of data owners’ control. Thus, it is critical to guarantee the integrity of the remote data. To solve this problem, researchers have proposed many data auditing schemes, which often employ a trusted role named Third Party Auditor (TPA) to verify the integrity. However, the TPA may not be reliable as expected. For example, it may collude with cloud service providers to hide the fact of data corruption for benefits. Blockchain has the characteristics of decentralization, non-tampering, and traceability, which provides a solution to trace the malicious behaviors of the TPA. Moreover, Intel SGX, as the popular trusted computing technology, can be used to protect the correctness of the auditing operations with a slight performance cost, which excellently serves as the of the blockchain-based solution. In this paper, we propose a secure auditing scheme based on the blockchain and Intel SGX technology, termed SDABS. The scheme follows the properties of storage correctness, data-preserving, accountability, and anti-collusion. The experiment results show that our scheme is efficient.

Yilin Yuan,Jianbiao Zhang,Wanshan Xu,Zheng Li

DOI: https://doi.org/10.1002/cpe.6735

2021-12-09

Concurrency and Computation: Practice and Experience

Abstract:With the popularity of cloud computing, cloud storage technology has also been widely used. Among them, data integrity verification is a hot research topic. At present, the realization of public auditing has become the development trend of integrity verification. Most existing public auditing schemes rarely consider some indispensable functions at the same time. Thus, in this article, we propose a comprehensive public auditing scheme (PDBPA) that can simultaneously support data privacy protection, data dynamics, and multi‐user batch auditing. To guarantee privacy protection during the audit process, our PDBPA design a new method of constructing audit proof, which combines random masking techniques and bilinear properties of bilinear pairing. Not only can it ensure that TPA performs audits correctly, but it can also prevent it from exploring the user's sensitive data. In addition, by utilizing the modified dynamic hash table, which is a novel and small two‐dimensional data structure, data dynamics can be effectively achieved. Furthermore, we provide a detailed process for the third‐party auditors to perform batch audits for multiple users. Moreover, we give the detailed and rigorous security analysis in defending against forgery attack, replace attack, and replay attack. Performance evaluations demonstrate that our PDBPA scheme is effective and feasible.

Han Wang,Xu An Wang,Shuai Xiao,JiaSen Liu

DOI: https://doi.org/10.1007/s12652-020-02432-x

IF: 3.662

2020-08-06

Journal of Ambient Intelligence and Humanized Computing

Abstract:The rapid popularization of cloud computing and ultra-high-speed Internet has promoted the vigorous development of data sharing and collaborative office, especially in Big Data and AI. Aiming at protecting the security of users' data, researchers developed PDP scheme to verify data. However, existing schemes all rely on semi-trusted Third Party Auditor (TPA) or group management to store verification information. In order to solve this problem, we propose a distributed data integrity audit scheme based on blockchain. This scheme provides a brand-new method, which allows customers to store data safely without relying on any specific TPA and protect users' privacy at a lower cost. For the new concept, this paper points out the problems of the existing scheme and puts forward system model and security model. Then, a decentralized data integrity audit scheme using blockchain is designed. The proposed private PDP scheme based on blockchain is provably secure. At the same time, the security analysis and efficiency analysis show that the proposed PDP scheme is safe, efficient and practical.

computer science, information systems,telecommunications, artificial intelligence