Xin Lin,Shanping Li,Wei Shi,Jie Teng

DOI: https://doi.org/10.1007/11590354_121

2005-01-01

Abstract:Challenges revealed in constructing a peer-to-peer (P2P) file system are due to the difficulties of version control.There have appeared no P2P systems, which can solve these problems smoothly. In this paper we show our efforts towards solving the problems by developing a new application, SVCL (a Scalable Version Control Layer in P2P file system), in which version control servers are woven into a peer-to-peer network so that the system will not crash under single node failure. As a result, users can carry out both file updating and reading operations. Experiments have demonstrated the high performance of the proposed system.

Rongxing Lu,Xiaodong Lin,Zhiguo Shi,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/mis.2013.56

IF: 6.744

2013-01-01

IEEE Intelligent Systems

Abstract:Vehicular traffic monitoring (VTM) is a promising cyber-physical system, but it faces many security and privacy challenges. Here, a new lightweight conditional privacy preservation (LCPP) protocol utilizes simple hash-chain techniques to secure VTM systems. The protocol not only supports the requirement of conditional privacy preservation, but also achieves efficient local revocation verification on the road.

Ghalya Alwhishi,Jamal Bentahar,Ahmed Elwhishi,Witold Pedrycz

DOI: https://doi.org/10.1016/j.eswa.2023.123113

IF: 8.5

2024-01-07

Expert Systems with Applications

Abstract:Intelligent applications are highly susceptible to uncertainty and inconsistency due to the intense and intricate interactions among their autonomous components (or agents), making their verification theoretically and practically challenging. This paper presents the design and implementation of a new open-source and scalable software tool for modeling and verifying intelligent applications with commitment and trust protocols under both uncertainty and inconsistency settings, using reduction-based multi-valued model checking techniques. The proposed tool is equipped with original and novel algorithms that transform our logics of multi-valued commitment (mv-CTLC) and multi-value trust (mv-TCTL) that we recently introduced to their classical two-valued commitment (CTLC) and trust (TCTL) logic versions as well as to Computational Tree Logic (CTL). Moreover, the tool transforms the mv-CTL to CTL, and it is applicable for the classical model checking by transforming the classical logics of trust and commitment to CTL. To demonstrate the practicality and applicability of the proposed tool in real settings, we present and report experimental results over two blockchain-based applications in the healthcare domain. Finally, we provide discussions and comparisons between the proposed approaches regarding scalability and efficiency. Moreover, we provide packages of more than 11 experiments, including the ones we conduct in this paper and enhanced experiments from previous works. Our findings ensure that the proposed approaches and the software tool that implements them are highly efficient and scalable, giving accurate results under varying conditions.

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science

Zhangyun Liu,Xiaowei Yang,Kun Zhao,Yongjian Liao,Yichuan He

DOI: https://doi.org/10.1109/bigcom.2017.29

2017-08-01

Abstract:In cloud storage, remote data integrity checking is considered as a crucial technique about data owners who upload enormous data to cloud server provider. A majority of the existing remote data integrity checking protocols rely on the expensive public key infrastructure. In addition, the verification of certificates needs heavy computation and communication cost. Meanwhile, the existing some protocols are not secure under the quantum computer attacks. However, lattice-based constructed cryptography can resist quantum computer attacks and is fairly effective, involving matrix-matrix or matrix-vector multiplications. So, we propose an identity-based remote data integrity checking protocol from lattices, which can eliminate the certificate management process and resist quantum computer attacks. Our protocol is completeness and provably secure based on the hardness small integer solution assumption. The presented scheme is secure against cloud service provider attacks, and leaks no any blocks of the stored file to the third party auditor during verification stage, namely the data privacy against the curiosity third party auditor attacks. The cloud service provider attack includes lost attack and tamper attack. Furthermore, the performance analysis of some protocols demonstrate that our protocol of remote data integrity checking is useful and efficient.

Yingjie Xia,Fubiao Xia,Xuejiao Liu,Xin Sun,Yuncai Liu,Yi Ge

DOI: https://doi.org/10.3837/tiis.2014.10.019

2014-01-01

Abstract:The increasing demand in promoting cloud computing in either business or other areas requires more security of a cloud storage system. Traditional cloud storage systems fail to protect data integrity information (DII), when the interactive messages between the client and the data storage server are sniffed. To protect DII and support public verifiability, we propose a data integrity verification scheme by deploying a designated confirmer signature DCS as a building block. The DCS scheme strikes the balance between public verifiable signatures and zero-knowledge proofs which can address disputes between the cloud storage server and any user, whoever acting as a malicious player during the two-round verification. In addition, our verification scheme remains blockless and stateless, which is important in conducting a secure and efficient cryptosystem. We perform security analysis and performance evaluation on our scheme, and compared with the existing schemes, the results show that our scheme is more secure and efficient.

Qingxuan Wang,Chi Cheng,Rui Xu,Jintai Ding,Zhe Liu

DOI: https://doi.org/10.1109/TSC.2020.3041324

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:Recently, Zhang et al. proposed a lattice-based data outsourcing scheme with public integrity verification (DOPIV), which enables an original data owner to delegate a proxy to generate the signatures of data and outsource them to the cloud server. They employed a third party auditor (TPA) to check the integrity of the outsourced data and any TPA can verify the data integrity efficiently. DOPIV is claimed to achieve proxy-oriented secure data outsourcing as well as storage correctness guarantee. Unfortunately, we find that there exist vulnerabilities in DOPIV which allow the cloud server to simply delete the received data without being noticed by the TPA. Fortunately, we come up with a simple and efficient solution to thwart the proposed attack. Our improved scheme maintains all the features claimed in DOPIV.

Litao Zhou,Jianxing Qin,Qinshi Wang,Andrew W. Appel,Qinxiang Cao

2023-10-26

Abstract:Program verifiers for imperative languages such as C may be annotation-based, in which assertions and invariants are put into source files and then checked, or tactic-based, where proof scripts separate from programs are interactively developed in a proof assistant such as Coq. Annotation verifiers have been more automated and convenient, but some interactive verifiers have richer assertion languages and formal proofs of soundness. We present VST-A, an annotation verifier that uses the rich assertion language of VST, leverages the formal soundness proof of VST, but allows users to describe functional correctness proofs intuitively by inserting assertions. VST-A analyzes control flow graphs, decomposes every C function into control flow paths between assertions, and reduces program verification problems into corresponding straightline Hoare triples. Compared to existing foundational program verification tools like VST and Iris, in VST-A, such decompositions and reductions are allowed to be nonstructural, which makes VST-A more flexible to use. VST-A's decomposition and reduction is defined in Coq, proved sound in Coq, and computed in a call-by-value way in Coq. The soundness proof for reduction is totally logical, independent of the complicated semantic model (and soundness proof) of VST's Hoare triple. Because of the rich assertion language, not all reduced proof goals can be automatically checked, but the system allows users to prove residual proof goals using the full power of the Coq proof assistant.

Programming Languages

Yilin Yuan,Jianbiao Zhang,Wanshan Xu,Zheng Li

DOI: https://doi.org/10.1007/s11227-021-04193-6

IF: 3.3

2022-01-10

The Journal of Supercomputing

Abstract:Almost all existing data integrity verification schemes upload outsourced files and tags set to the CSP simultaneously. Thus, in this paper, we provide a novel idea to construct the integrity verification scheme via blockchain. The construction of the proposed scheme is based on identity-based encryption (IBE) which avoids the complex certificate management caused by the public key infrastructure (PKI). Our scheme decides to upload tags set to the blockchain to achieve the separate storage of the tags set and files. The characteristics of the blockchain determine that the tags set will not be forged. But separate storage may cause the information returned by the three parties participating in the public auditing to be out of sync; thus, a small data structure—audit log is introduced to solve this problem. The advantages of audit log can not only guarantee the correct and smooth implementation of the proposed scheme, but also prove the TPA’s innocence when necessary. Moreover, the security of our scheme is strictly proved. Finally, a series of performance evaluations demonstrate that our scheme is efficient and feasible.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Guang Chen,Dexi Wang,Tianchi Li,Chao Zhang,Ming Gu,Jiaguang Sun

DOI: https://doi.org/10.1109/apsec.2018.00027

2018-01-01

Abstract:Software verification has been well applied in safety critical areas and has shown the ability to provide better quality assurance for modern software. However, as lines of code and complexity of software systems increase, the scalability of verification becomes a challenge. In this paper, we present an automatic software verification framework TSV to address the scalability issues: (i) the extended structural abstraction and property-guided program slicing to solve large-scale program verification problem, saving time and memory without losing accuracy; (ii) automatically select different verification methods according to the program and property context to improve the verification efficiency. For evaluation, we compare TSV's different configurations with existing C program verifiers based on open benchmarks. We found that TSV with auto-selection performs better than with bounded model checking only or with extended structural abstraction only. Compared to existing tools such as CMBC and CPAChecker, it acquires 10%-20% improvement of accuracy and 50%-90% improvement of memory consumption.

Zhanhao Zhao,Hexiang Pan,Gang Chen,Xiaoyong Du,Wei Lu,Beng Chin Ooi

DOI: https://doi.org/10.1145/3626764

2023-01-01

Abstract:Cloud-native databases become increasingly popular while exposing to greater data security and correctness risks. Existing verifiable outsourced databases overlook either the correctness risk of transactions, or the disaggregation architecture: a key design consideration of cloud-native databases for performance and elasticity, or both. We present VeriTxn, a novel cloud-native database that efficiently provides verifiability of transaction correctness. VeriTxn relies on the trusted hardware (i.e., Intel SGX) to enable verifiable transaction processing. We build a page-structure cache in the trusted domain, where transactions can be verified with low, constant overhead. VeriTxn further optimizes the read-only transactions by exploiting disaggregation to fit the read-heavy workload in the cloud. We also integrate our proposal into MySQL, a popular open-source database. We conduct extensive experiments to compare VeriTxn against state-of-the-art verifiable databases and evaluate the performance of VeriTxn on MySQL. The results show that VeriTxn introduces tolerable performance degradation for verifiable transactions, while achieving up to 7.03× and 7.93× higher throughput than Litmus and LedgerDB, and its sustainable performance when integrated with MySQL.

Qian Wang,Cong Wang,Kui Ren,Wenjing Lou,Jin Li

DOI: https://doi.org/10.1109/tpds.2010.183

IF: 5.3

2010-01-01

IEEE Transactions on Parallel and Distributed Systems

Abstract:Cloud Computing has been envisioned as the next-generation architecture of IT Enterprise. It moves the application software and databases to the centralized large data centers, where the management of the data and services may not be fully trustworthy. This unique paradigm brings about many new security challenges, which have not been well understood. This work studies the problem of ensuring the integrity of data storage in Cloud Computing. In particular, we consider the task of allowing a third party auditor (TPA), on behalf of the cloud client, to verify the integrity of the dynamic data stored in the cloud. The introduction of TPA eliminates the involvement of the client through the auditing of whether his data stored in the cloud are indeed intact, which can be important in achieving economies of scale for Cloud Computing. The support for data dynamics via the most general forms of data operation, such as block modification, insertion, and deletion, is also a significant step toward practicality, since services in Cloud Computing are not limited to archive or backup data only. While prior works on ensuring remote data integrity often lacks the support of either public auditability or dynamic data operations, this paper achieves both. We first identify the difficulties and potential security problems of direct extensions with fully dynamic data updates from prior works and then show how to construct an elegant verification scheme for the seamless integration of these two salient features in our protocol design. In particular, to achieve efficient data dynamics, we improve the existing proof of storage models by manipulating the classic Merkle Hash Tree construction for block tag authentication. To support efficient handling of multiple auditing tasks, we further explore the technique of bilinear aggregate signature to extend our main result into a multiuser setting, where TPA can perform multiple auditing tasks simultaneously. Extensive security and performance analysis show that the proposed schemes are highly efficient and provably secure.

Yangfei Lin,Jie Li,Shigetomo Kimura,Yuanyuan Yang,Yusheng Ji,Yangjie Cao

DOI: https://doi.org/10.1109/jiot.2021.3102236

IF: 10.6

2022-03-01

IEEE Internet of Things Journal

Abstract:The applications of Internet of Things have emerged in every aspect of people's life. The volume of data gathered can be enormous. Enterprises and personal consumers are increasingly reliant on cloud storage services instead of local storage. While they enjoy the convenience of cloud storage services, they also worry about the integrity of the cloud-stored data since they do not physically own the data. To enable public integrity auditing, third-party auditors as trusted ones verify data integrity on behalf of the data owner. However, the vulnerability of auditors should also be considered. We propose a consortium blockchain-based public integrity verification system (CBPIV). In CBPIV, the auditor behaviors are recorded in the consortium blockchain so that authorized parties can audit the auditor to see if the verification results are correct. A smart contract is deployed to check the behavior of the auditor automatically, which can trigger alerts for unusual behaviors. The evaluation on both security and performance shows that our proposed scheme is secure and alleviates the burden on data owners of limited computation capability.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chenxing Li,Sidi Mohamed Beillahi,Guang Yang,Ming Wu,Wei Xu,Fan Long

DOI: https://doi.org/10.1145/3664818

2024-01-01

ACM Transactions on Storage

Abstract:Authenticated storage access is the performance bottleneck of a blockchain, because each access can be amplified to potentially O(logn) disk I/O operations in the standard Merkle Patricia Trie (MPT) storage structure. In this paper, we propose a multi-Layer Versioned Multipoint Trie (LVMT), a novel high-performance blockchain storage with significantly reduced I/O amplifications. LVMT uses the authenticated multipoint evaluation tree (AMT) vector commitment protocol to update commitment proofs in constant time. LVMT adopts a multi-layer design to support unlimited key-value pairs and stores version numbers instead of value hashes to avoid costly elliptic curve multiplication operations. In our experiment, LVMT outperforms the MPT in real Ethereum traces, delivering read and write operations six times faster. It also boosts blockchain system execution throughput by up to 2.7 times.

Genqing Bian,Rui Zhang,Bilin Shao

DOI: https://doi.org/10.1109/access.2022.3166920

IF: 3.9

2022-01-01

IEEE Access

Abstract:The remote data possession checking mechanism can effectively verify the integrity of outsourced data, which can usually be divided into public verification and private verification. The verifier of public verification can be any cloud user, while private verification can only be the data owner. However, in most practical situations, the data owner expects that only a specific verifier can perform integrity checking tasks and that verifier cannot gain any knowledge about the data. Yan et al. proposed a remote data possession checking scheme with the designated verifier, which can guarantee that only the designated verifier can check data integrity, whereas others cannot do it. However, this scheme relies on public key infrastructure technology and does not consider data privacy protection issues. To overcome these shortcomings, we propose an identity-based remote data possession checking scheme that satisfies the data owner's requirement to specify a unique verifier. Moreover, in this scheme, we use a random integer to blind data integrity proof to protect data privacy and use Merkle hash tree structure to achieve dynamic update of data. At the same time, our scheme can avoid the complex certificate management in public key infrastructure. We proved the safety of our scheme based on the discrete logarithm assumption and the computational Diffie-Hellman assumption. Theoretical analysis and experimental results show that our scheme is feasible and effective in practical applications.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xiufeng Zhao,Xiang Wang,Hao Xu,Yilei Wang

DOI: https://doi.org/10.1504/ijhpcn.2015.070020

2015-01-01

Abstract:Cloud computing is a distributed computing model, which provides services and resources. As a new type of storage services, cloud storage provides a new method for mass data storage management. Nowadays, more and more users upload their data to cloud storage servers and retrieve data when needed. One of the basic tasks of cloud storage is to guarantee the integrity between retrieved and uploaded data. Therefore, data integrity checking of cloud storage becomes a key issue. This paper proposes a privacy-preserving public verifying cloud data integrity checking protocol. To achieve security against quantum computer attacks, we resort to constructing homomorphic linear authenticator based on a lattice-based homomorphic signature algorithm. To eliminate data content exposure to achieve privacy, we use the blind checking technique. Theoretical analysis indicates that our scheme achieves security against malicious cloud server and privacy against third party auditor TPA, and resists the known-proof forgery attack. Compared with other protocols, our protocol does not resort to rank-based authenticated skip list, saving storage and communication overhead. Furthermore, it makes use of matrix-vector multiplication operation, avoiding great amount of module exponential operation, which reduces the computational labour for cloud server and TPA.

Vincent Cheval,José Moreira,Mark Ryan

2023-04-16

Abstract:Transparency protocols are protocols whose actions can be publicly monitored by observers (such observers may include regulators, rights advocacy groups, or the general public). The observed actions are typically usages of private keys such as decryptions, and signings. Examples of transparency protocols include certificate transparency, cryptocurrency, transparent decryption, and electronic voting. These protocols usually pose a challenge for automatic verification, because they involve sophisticated data types that have strong properties, such as Merkle trees, that allow compact proofs of data presence and tree extension. We address this challenge by introducing new features in ProVerif, and a methodology for using them. With our methodology, it is possible to describe the data type quite abstractly, using ProVerif axioms, and prove the correctness of the protocol using those axioms as assumptions. Then, in separate steps, one can define one or more concrete implementations of the data type, and again use ProVerif to show that the implementations satisfy the assumptions that were coded as axioms. This helps make compositional proofs, splitting the proof burden into several manageable pieces. We illustrate the methodology and features by providing the first formal verification of the transparent decryption and certificate transparency protocols with a precise modelling of the Merkle tree data structure.

Cryptography and Security

Luwei Cai,Fu Song,Taolue Chen

DOI: https://doi.org/10.48550/arXiv.2402.13506

2024-02-21

Abstract:Timing side-channel attacks exploit secret-dependent execution time to fully or partially recover secrets of cryptographic implementations, posing a severe threat to software security. Constant-time programming discipline is an effective software-based countermeasure against timing side-channel attacks, but developing constant-time implementations turns out to be challenging and error-prone. Current verification approaches/tools suffer from scalability and precision issues when applied to production software in practice. In this paper, we put forward practical verification approaches based on a novel synergy of taint analysis and safety verification of self-composed programs. Specifically, we first use an IFDS-based lightweight taint analysis to prove that a large number of potential (timing) side-channel sources do not actually leak secrets. We then resort to a precise taint analysis and a safety verification approach to determine whether the remaining potential side-channel sources can actually leak secrets. These include novel constructions of taint-directed semi-cross-product of the original program and its Boolean abstraction, and a taint-directed self-composition of the program. Our approach is implemented as a cross-platform and fully automated tool CT-Prover. The experiments confirm its efficiency and effectiveness in verifying real-world benchmarks from modern cryptographic and SSL/TLS libraries. In particular, CT-Prover identify new, confirmed vulnerabilities of open-source SSL libraries (e.g., Mbed SSL, BearSSL) and significantly outperforms the state-of-the-art tools.

Cryptography and Security,Software Engineering

Qi Yining,Tang Xin,Huang Yongfeng

DOI: https://doi.org/10.1049/cje.2018.02.007

IF: 1.019

2019-01-01

Chinese Journal of Electronics

Abstract:Existing dynamic data possession verification schemes not only suffer from low efficiency of rebalancing its Merkle Hash tree (MHT) when executing data updating, but also lack effective mechanism to verify multi-version files. Aiming at these problems, this paper propose a new data structure called Rank-based multi-version Merkle AVL tree (RBMV-MAT) to achieve efficient batch updating verification for multi-version data. RBMV-MAT uses a special lock and relaxed balance to decrease the frequency of rebalacing operations. The experimental results show that our efficient scheme has better efficiency than those of existing methods.

Zizhou Sun,Yahui Yang,Qingni Shen,Zhonghai Wu,Xiaochen Li

DOI: https://doi.org/10.1007/978-3-319-29814-6_28

2015-01-01

Abstract:Outsourcing data to are remote cloud service provider allows organizations or individual users to store more data on the cloud storage than on private computer systems. However, a specific problem encountered in cloud storage is how to ensure user’s confidence of the integrity of their outsourced data on cloud. One important approach is Proof of Retrievability (POR) which allows a verifier to check and repair the data stored in the cloud server. However, most of existing PORs can only deal with static data and provide one single recovery method which may lead to inefficiency and inflexibility. To address these cloud storage issues, we propose a map-based dynamic data integrity verification and recovery scheme in cloud storages. We first present two recovery methods with different granularity and introduce a new data structure. Relying on algebraic signature with homomorphism property, our integrity verification is highly efficient. Furthermore, our solution can prevent multiple cloud servers from colluding to fabricate consistent signatures.

Jian Wen,Lunzhi Deng

DOI: https://doi.org/10.1016/j.sysarc.2024.103267

IF: 5.836

2024-09-03

Journal of Systems Architecture

Abstract:Data integrity auditing provides a method for checking the integrity of outsourced data in cloud storage. However, outsourced data often contain sensitive information (such as names), posing risks of exposure during data sharing. To address this issue, Ming et al. proposed a certificateless integrity auditing scheme for sensitive information protection, claiming its security. However, by demonstrating two specific attack scenarios, we pointed out its security vulnerabilities. Subsequently, we proposed a new certificateless integrity auditing scheme for sensitive information protection in cloud storage (CIAS-SIP), which supports sensitive information protection and does not specify the data blocks that need sanitization by the data owner (DO). In addition, it supports dynamic operations by the DO on outsourced data (insertion, deletion, and modification) and provides security proofs based on the discrete logarithm problem. Finally, we compared CIAS-SIP's performance with three other integrity auditing schemes for sensitive information protection. The results show that CIAS-SIP exhibits superior efficiency.

computer science, software engineering, hardware & architecture