Jia Yu,Kui Ren,Cong Wang

DOI: https://doi.org/10.1109/tifs.2016.2528500

IF: 7.231

2016-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Key-exposure resistance has always been an important issue for in-depth cyber defence in many security applications. Recently, how to deal with the key exposure problem in the settings of cloud storage auditing has been proposed and studied. To address the challenge, existing solutions all require the client to update his secret keys in every time period, which may inevitably bring in new local burdens to the client, especially those with limited computation resources, such as mobile phones. In this paper, we focus on how to make the key updates as transparent as possible for the client and propose a new paradigm called cloud storage auditing with verifiable outsourcing of key updates. In this paradigm, key updates can be safely outsourced to some authorized party, and thus the key-update burden on the client will be kept minimal. In particular, we leverage the third party auditor (TPA) in many existing public auditing designs, let it play the role of authorized party in our case, and make it in charge of both the storage auditing and the secure key updates for key-exposure resistance. In our design, TPA only needs to hold an encrypted version of the client’s secret key while doing all these burdensome tasks on behalf of the client. The client only needs to download the encrypted secret key from the TPA when uploading new files to cloud. Besides, our design also equips the client with capability to further verify the validity of the encrypted secret keys provided by the TPA. All these salient features are carefully designed to make the whole auditing procedure with key exposure resistance as transparent as possible for the client. We formalize the definition and the security model of this paradigm. The security proof and the performance simulation show that our detailed design instantiations are secure and efficient.

Jia Yu,Kui Ren,Cong Wang,Vijay Varadharajan

DOI: https://doi.org/10.1109/TIFS.2015.2400425

IF: 7.231

2015-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Cloud storage auditing is viewed as an important service to verify the integrity of the data in public cloud. Current auditing protocols are all based on the assumption that the client's secret key for auditing is absolutely secure. However, such assumption may not always be held, due to the possibly weak sense of security and/or low security settings at the client. If such a secret key for auditing is exposed, most of the current auditing protocols would inevitably become unable to work. In this paper, we focus on this new aspect of cloud storage auditing. We investigate how to reduce the damage of the client's key exposure in cloud storage auditing, and give the first practical solution for this new problem setting. We formalize the definition and the security model of auditing protocol with key-exposure resilience and propose such a protocol. In our design, we employ the binary tree structure and the preorder traversal technique to update the secret keys for the client. We also develop a novel authenticator construction to support the forward security and the property of blockless verifiability. The security proof and the performance analysis show that our proposed protocol is secure and efficient.

Rodolfo Machuca,Fatoumata Sankare

DOI: https://doi.org/10.48550/arXiv.2208.12759

2022-08-26

Computers and Society

Abstract:As big data collection continues to grow, more and more organizations are relying on outsourcing their data to cloud-based environments. This includes the federal government and several agencies that depend on maintaining our citizens' secure data. Law enforcement agencies from the national level down to large city police departments are also using the cloud environment to store data. These agencies see this as a method of securing data while saving money by not maintaining the large data centers required to house this information. This data solution presents in own set of problems in that the outsourced data can become untrustworthy due to the lack of control of the data owners. Cloud computing is facing many difficulties, with security being the primary issue. This is because the cloud computing service provider is a separate entity; any data stored in the cloud can be interpreted as giving up control of the data by the primary data owner. [1] Remote data auditing (RDA) is increasingly important when managing data in a cloud environment, especially when organizations have to store their data in a multi-cloud environment. The challenging security threats posed by attempting to maintain the integrity of the data for proper auditing is a trial that was never addressed in the past.

Wei Guo,Hua Zhang,Sujuan Qin,Fei Gao,Zhengping Jin,Wenmin Li,Qiaoyan Wen

DOI: https://doi.org/10.1016/j.future.2019.01.009

IF: 7.307

2019-01-01

Future Generation Computer Systems

Abstract:With the advent of data outsourcing, how to efficiently verify the integrity of data stored at an untrusted cloud service provider (CSP) has become a significant problem in cloud storage. Provable data possession (PDP) is a model that allows clients or a trusted auditor to verify whether CSP possesses the outsourced data without downloading it. However, this model requires clients to tolerate non-negligible computation burden incurred by frequent verifications in private schemes, and does not provide any security assurances when client or/and auditor are dishonest. Therefore, it cannot be directly transformed into a secure outsourced auditing scheme, where any one of three participants (i.e., CSP, client and auditor) may be dishonest and any two participants may be colluded with each other. In this paper, we propose an outsourced dynamic provable data possession (ODPDP) scheme, which migrates frequent auditing task to an external auditor to reduce clients’ verification overhead, and simultaneously provides log audit mechanism with lower computation burden for clients to prevent from dishonest auditor. In addition, we propose a batch update algorithm that can perform and verify multiple update operations at once, avoiding repetitive calculations and transmissions. Security analysis proves that our scheme is secure in the enhanced threat model, and experimental results show that our scheme achieves high efficiency in terms of computation time and communication cost compared with existing outsourced auditing schemes.

Yong Yu,Yafang Zhang,Jianbing Ni,Man Ho Au,Lanxiang Chen,Hongyu Liu

DOI: https://doi.org/10.1016/j.future.2014.10.006

IF: 7.307

2015-01-01

Future Generation Computer Systems

Abstract:Cloud storage allows users to enjoy the on-demand and high quality data storage services without the load of local data maintenance. However, the cloud server providers are not fully trusted. Whether the data over cloud servers are intact becomes a major concern of data owners. To offer cloud users with the capacity of data integrity verification, recently, Chen proposed a remote data possession checking (RDPC) protocol from algebraic signatures which achieves many desirable features such as high efficiency, short length of challenges and responses, non-block verification. Unfortunately, in this paper, we find that the protocol is vulnerable to replay attack and deletion attack launched by a dishonest server. Specifically, the server can deceive the users to believe that their data are well hold by replaying a previous evidence or re-constructing the deleted data blocks from the corresponding tags in the integrity checking process, while their data have been partially discarded in fact. Then, we present an improved scheme to fix the security flaws of the original protocol. Both the theoretical analysis and the implementation results show that the improvement is secure and practical.

Chengyu Hu,Yuqin Xu,Pengtao Liu,Jia Yu,Shanqing Guo,Minghao Zhao

DOI: https://doi.org/10.1016/j.ins.2020.02.010

IF: 8.1

2020-01-01

Information Sciences

Abstract:Cloud storage auditing is a service that is usually provided to enable clients to verify the integrity of their data stored in the cloud. However, clients risk exposing their secret key. To address the problem of key exposure, researchers have provided “Forward Security” by dividing the entire lifetime of the secret key into several periods and updating the secret key within each of these periods. Forward security can ensure the validity of authenticators before the period in which the secret key is fully exposed. However, the security of these protocols can be broken by launching side-channel attacks to leak the secret key partially rather than fully. In this study, we focus on implementing measures in cloud storage auditing to protect against side-channel attacks in practice. We formalize the definition and security model of a cloud storage auditing protocol, which supports forward security under continual key-leakage, and construct the first protocol. Our protocol remains secure even if an adversary obtains partial leakage of the secret key during a period. In addition, if the secret key were to be fully disclosed in a certain period, our protocol would maintain forward security. Therefore, the proposed protocol provides stronger security compared with existing protocols.

Jining Zhao,Chunxiang Xu,Kefei Chen

DOI: https://doi.org/10.1016/j.jisa.2019.04.002

2018-01-01

Abstract:In big data age, flexible cloud service greatly enhances productivity for enterprises and individuals in different applications. When cloud access is restricted, data owner could authorize a proxy to process the data, and upload them to enjoy the powerful cloud storage service. Meanwhile, outsourced data integrity breach becomes a serious security issue for cloud storage. Identity Based Provable Data Possession (PDP) as a critical technology, could enable each data owner to efficiently verify cloud data integrity, without downloading entire copy and complicated public key certificate management issue. But it remains a great challenge for multiple data owners to efficiently and securely perform batch data integrity checking on huge data on different storage clouds, with proxy processing. Yu et al. recently proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing ( https://doi.org/10.3837/tiis.2017.10.019 ), which tried to address this problem. In this article, we first demonstrate that this scheme is insecure since malicious clouds could pass integrity auditing without original data. Additionally, malicious clouds are able to recover the proxys private key and thus impersonate proxy to arbitrarily forge tags for any modified data. Secondly, in order to repair these security flaws, we propose an improved scheme to enable secure identity based batch public auditing with proxy processing. Thirdly, the security of our improved scheme is proved under CDH hard problem in the random oracle model. The complexity analysis of its performance shows better efficiency over identity-based proxy-oriented data uploading and remote data integrity checking in public cloud on single owner effort on a single cloud, which will benefit big data storage if it is extrapolated in real application.

Chunxiang Xu,Yuan Zhang,Yong Yu,Xiaojun Zhang,Junwei Wen

DOI: https://doi.org/10.3837/tiis.2014.11.032

2014-01-01

KSII Transactions on Internet and Information Systems

Abstract:Cloud storage provides an easy, cost-effective and reliable way of data management for users without the burden of local data storage and maintenance. Whereas, this new paradigm poses many challenges on integrity and privacy of users' data, since users losing grip on their data after outsourcing the data to the cloud server. In order to address these problems, recently, Worku et al. have proposed an efficient privacy-preserving public auditing scheme for cloud storage. However, in this paper, we point out the security flaw existing in the scheme. An adversary, who is on-line and active, is capable of modifying the outsourced data arbitrarily and avoiding the detection by exploiting the security flaw. To fix this security flaw, we further propose a secure and efficient privacy-preserving public auditing scheme, which makes up the security flaw of Worku et al.'s scheme while retaining all the features. Finally, we give a formal security proof and the performance analysis, they show the proposed scheme has much more advantages over the Worku et al.'s scheme.

Li Zang,Yong Yu,Liang Xue,Yannan Li,Yujie Ding,Xiaoling Tao

DOI: https://doi.org/10.1007/s00779-017-1052-y

2017-01-01

Personal and Ubiquitous Computing

Abstract:Smart city has been greatly promoted by the adoption of information and communication technology. At the same time, data integrity becomes an urgent necessity in cloud storage scenario. When smart city meets cloud, if the data are damaged or corrupted, it will be a serious security loophole of smart city. Recently, numerous remote data auditing (RDA) protocols have been presented, among which Sookhak et al. put forward a dynamic remote data auditing protocol to deal with this major concern. In this paper, we found that this protocol has inherent security flaws, thus fails to achieve its original goal. Specifically, this protocol is vulnerable to two types of attacks, namely replace attack and replay attack. We show the details that how a malicious server can deceive data owners to believe that the data are maintained well by launching such attacks. Then, we describe an improved RDA protocol with provable security by utilizing algebraic signature to fix those security flaws. We employ the rank-based Merkle Hash Tree to achieve verifiable dynamic data operations for our RDA protocol. We also provide detailed security proof of the proposed RDA protocol.

Xinpeng Zhang,Chunxiang Xu,Xiaojun Zhang,Taizong Gu,Zhi Geng,Guoping Liu

DOI: https://doi.org/10.3390/info7020031

2016-01-01

Information

Abstract:With the advent of the big data era, cloud data storage and retrieval have become popular for efficient data management in large companies and organizations, thus they can enjoy the on-demand high-quality cloud storage service. Meanwhile, for security reasons, those companies and organizations would like to verify the integrity of their data once storing it in the cloud. To address this issue, they need a proper cloud storage auditing scheme which matches their actual demands. Current research often focuses on the situation where the data manager owns the data; however, the data belongs to the company, rather than the data managers in the real situation which has been overlooked. For example, the current data manager is no longer suitable to manage the data stored in the cloud after a period and will be replaced by another one. The successor needs to verify the integrity of the former managed data; this problem is obviously inevitable in reality. In this paper, we fill this gap by giving a practical efficient revocable privacy-preserving public auditing scheme for cloud storage meeting the auditing requirement of large companies and organization’s data transfer. The scheme is conceptually simple and is proven to be secure even when the cloud service provider conspires with revoked users.

Jian Zhang,Yang,Yanjiao Chen,Fei Chen

DOI: https://doi.org/10.1109/iwqos.2017.7969107

2017-01-01

Abstract:With the development of cloud storage, data owners no longer physically possess their data and thus how to ensure the integrity of their outsourced data becomes a challenging task. Several protocols have been proposed to audit cloud storage, all of which rely mainly on data block tags to check data integrity. However, their block tag constructions employ cryptographic operations, which makes them computationally complex. In this paper, we investigate a secure cloud storage protocol based on the classic discrete logarithm problem. Our protocol generates data block tags with only basic algebraic operations, which brings substantial computation savings compared with previous work. We also strictly prove that the proposed protocol is secure under a definition which captures the real-world uses of cloud storage. In order to fit more application scenarios, we extend the proposed protocol to support data dynamics by employing an index vector and third-party public auditing by using a random masking number, both of which are efficient and provably secure. At last, theoretical analysis and experimental evaluation are provided to validate the superiority of the proposed protocol.

Ying Miao,Yapeng Miao,Xuexue Miao

DOI: https://doi.org/10.1007/s10619-024-07446-4

IF: 0.974

2024-11-09

Distributed and Parallel Databases

Abstract:To improve the data security and integrity of the outsourced data, storing multiple copies of data on multiple cloud servers is a good way. Many public Provable Data Possession (PDP) schemes in multiple cloud servers have been proposed in recent years. However, in some scenarios, the Data Owner (DO) may not want anyone (e.g. a stranger) to check the integrity of their data. Nevertheless, few schemes consider the fault's location function when the data auditing fails. Another problem is that anyone can make a challenge for the Cloud Server (CS) in the PDP schemes. Some access control strategies are necessary to reduce the waste of computation power resources of the CS. To solve these problems, we propose a certificateless and designed-verifier auditing scheme in multi-cloud storage environments. In our scheme, we utilize certificateless signature combined with a delegation key to achieve designed-verifier auditing. We design a secret Merkle Hash Tree (MHT) to locate the faults of CSs and data blocks. We utilize Zero-Knowledge Proof (ZKP) to achieve access control. Theoretical and experimental evaluation show that the proposed scheme is efficient and practical.

computer science, information systems, theory & methods

Jianhong Zhang,Hongxin Meng,Yong Yu

DOI: https://doi.org/10.1007/s10586-017-0804-9

2017-01-01

Cluster Computing

Abstract:As an important cloud service, cloud storage can provide flexible data outsourcing services for data users. After the data are outsourced to the cloud, data user no longer physical controls over the stored data. To ensure these data to be kept intact at the cloud servers, many different solutions have been proposed. Whereas most of existing solutions can only deal with static data. To support dynamic data, some schemes solve it by adopting authenticated data structure. To the best of our knowledge, these schemes may exist the following flaws: (1) they bring heavy communication/computation burdens to the auditor; (2) they exist some security attack; (3) they are only proven to be secure in the random orale model; (4) data may be leaked in the auditing. Motivated by the above problems, we propose two novel public auditing schemes by introducing rb23Tree data structure. They can not only achieve public verification, but also support dynamics data updating. Furthermore, our second scheme also supports data privacy. As for the auditor, to reduce its computational cost and communication cost, our scheme migrates the partial auditing metadata from the cloud server to the auditor, it makes that communication overhead between the auditor and cloud server is constant. Finally, we show that our schemes are proven to be secure in the standard model, and evaluate the auditing performance by simulation experiment and comparison with Wang et al.’s scheme. The results demonstrate that our schemes outperforms Wang et al.’s scheme in terms of computation costs and communication overhead.

Yong Yu,Lei Niu,Guomin Yang,Yi Mu,Willy Susilo

DOI: https://doi.org/10.1016/j.future.2013.05.005

IF: 7.307

2014-01-01

Future Generation Computer Systems

Abstract:Cloud computing is a novel computing model that enables convenient and on-demand access to a shared pool of configurable computing resources. Auditing services are highly essential to make sure that the data is correctly hosted in the cloud. In this paper, we investigate the active adversary attacks in three auditing mechanisms for shared data in the cloud, including two identity privacy-preserving auditing mechanisms called Oruta and Knox, and a distributed storage integrity auditing mechanism. We show that these schemes become insecure when active adversaries are involved in the cloud storage. Specifically, an active adversary can arbitrarily alter the cloud data without being detected by the auditor in the verification phase. We also propose a solution to remedy the weakness without sacrificing any desirable features of these mechanisms.

Solomon Guadie Worku,Chunxiang Xu,Jining Zhao

DOI: https://doi.org/10.1007/s11704-013-3138-7

IF: 2.6688

2014-01-01

Frontiers of Computer Science

Abstract:An auditing scheme is a good way to prove owner’s data outsourced to the cloud are kept intact, and a scheme capable of giving public verifiability service is a good option that some researchers have managed to build for the last few years. However, in a public auditing scheme everybody does verification of data and a possibility of leaking some secrete information to the public verifiers is an issue that data owners are unhappywith this scenario. For example, the data owner does not want anybody else to know he has the data stored in the cloud server. Motivated by the issue of privacy associated with public auditing system, we proposed a designated verifier auditing (DVA) scheme based on Steinfeld et al.’s universal designated verifier (DV) signature scheme. Our DVA scheme authorizes a third party auditor with private verification capability. It provides private verification because the scheme involves private key of the verifier. Moreover, we present the batch auditing scheme to improve auditing efficiency. Through rigorous security analysis we showed that our scheme is provably secure in the random oraclemodel assuming that the computational Diffie-Hellman (CDH) problem is hard over the group of bilinear maps.

Yong Yu,Yannan Li,Bo Yang,Willy Susilo,Guomin Yang,Jian Bai

DOI: https://doi.org/10.1109/tetc.2017.2759329

2020-01-01

IEEE Transactions on Emerging Topics in Computing

Abstract:Outsourced storage such as cloud storage can significantly reduce the burden of data management of data owners. Despite of a long list of merits of cloud storage, it triggers many security risks at the same time. Data integrity, one of the most burning challenges in secure cloud storage, is a fundamental and pivotal element in outsourcing services. Outsourced data auditing protocols enable a verifier to efficiently check the integrity of the outsourced files without downloading the entire file from the cloud, which can dramatically reduce the communication overhead between the cloud server and the verifier. Existing protocols are mostly based on public key infrastructure or an exact identity, which lacks flexibility of key management. In this paper, we seek to address the complex key management challenge in cloud data integrity checking by introducing attribute-based cloud data auditing, where users can upload files to cloud through some customized attribute set and specify some designated auditor set to check the integrity of the outsourced data. We formalize the system model and the security model for this new primitive, and describe a concrete construction of attribute-based cloud data integrity auditing protocol. The new protocol offers desirable properties namely attribute privacy-preserving and collusion-resistance. We prove soundness of our protocol based on the computational Diffie-Hellman assumption and the discrete logarithm assumption. Finally, we develop a prototype of the protocol which demonstrates the practicality of the protocol.

Qingxuan Wang,Chi Cheng,Rui Xu,Jintai Ding,Zhe Liu

DOI: https://doi.org/10.1109/TSC.2020.3041324

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:Recently, Zhang et al. proposed a lattice-based data outsourcing scheme with public integrity verification (DOPIV), which enables an original data owner to delegate a proxy to generate the signatures of data and outsource them to the cloud server. They employed a third party auditor (TPA) to check the integrity of the outsourced data and any TPA can verify the data integrity efficiently. DOPIV is claimed to achieve proxy-oriented secure data outsourcing as well as storage correctness guarantee. Unfortunately, we find that there exist vulnerabilities in DOPIV which allow the cloud server to simply delete the received data without being noticed by the TPA. Fortunately, we come up with a simple and efficient solution to thwart the proposed attack. Our improved scheme maintains all the features claimed in DOPIV.

Da Xiao,Lvyin Yang,Chuanyi Liu,Bin Sun,Shihui Zheng

DOI: https://doi.org/10.1587/transinf.2014ICP0016

2015-01-01

IEICE Transactions on Information and Systems

Abstract:Provable Data Possession (PDP) schemes enable users to efficiently check the integrity of their data in the cloud. Support for massive and dynamic sets of data and adaptability to third-party auditing are two key factors that affect the practicality of existing PDP schemes. We propose a secure and efficient PDP system called IDPA-MF-PDP, by exploiting the characteristics of real-world cloud storage environments. The cost of auditing massive and dynamic sets of data is dramatically reduced by utilizing a multiple-file PDP scheme (MF-PDP), based on the data update patterns of cloud storage. Deployment and operational costs of third-party auditing and information leakage risks are reduced by an auditing framework based on integrated data possession auditors (DPAs), instantiated by trusted hardware and tamper-evident audit logs. The interaction protocols between the user, the cloud server, and the DPA integrate MF-PDP with the auditing framework. Analytical and experimental results demonstrate that IDPA-MF-PDP provides the same level of security as the original PDP scheme while reducing computation and communication overhead on the DPA, from linear the size of data to near constant. The performance of the system is bounded by disk I/O capacity.

Hong Lei,Zijian Bao,Qinghao Wang,Yongxin Zhang,Wenbo Shi

DOI: https://doi.org/10.1007/978-981-15-9213-3_21

2020-01-01

Abstract:With the continuous growth of data resources, outsourcing data storage to cloud service providers is becoming the norm. Unfortunately, once data are stored on the cloud platform, they will be out of data owners’ control. Thus, it is critical to guarantee the integrity of the remote data. To solve this problem, researchers have proposed many data auditing schemes, which often employ a trusted role named Third Party Auditor (TPA) to verify the integrity. However, the TPA may not be reliable as expected. For example, it may collude with cloud service providers to hide the fact of data corruption for benefits. Blockchain has the characteristics of decentralization, non-tampering, and traceability, which provides a solution to trace the malicious behaviors of the TPA. Moreover, Intel SGX, as the popular trusted computing technology, can be used to protect the correctness of the auditing operations with a slight performance cost, which excellently serves as the of the blockchain-based solution. In this paper, we propose a secure auditing scheme based on the blockchain and Intel SGX technology, termed SDABS. The scheme follows the properties of storage correctness, data-preserving, accountability, and anti-collusion. The experiment results show that our scheme is efficient.

Xiaojun Zhang,Huaxiong Wang,Chunxiang Xu

DOI: https://doi.org/10.1016/j.ins.2018.09.013

IF: 8.1

2019-01-01

Information Sciences

Abstract:With the rapid development of cloud auditing services, key exposure has been highlighted as a serious security issue. Using the exposed private key of a client, cloud servers can forge previous auditing proofs to cheat auditors. To date, a few pairing-based cloud storage auditing schemes addressing key exposure have been proposed. However, they are not secure from quantum attacks, and they rely on public key infrastructure (PKI), which involves complex certificate management. In this paper, we propose an efficient identity-based key-exposure resilient public auditing scheme from lattice assumptions in cloud storage. Our scheme is not only quantum-resistant, but eliminates the need to establish a PKI. We employ lattice basis delegation technique to update a client’s private key flexibly, keeping the private key size constant. Based on the hardness of lattice assumptions, we prove the forward security of storage correctness guarantee against malicious cloud servers in detail, and that the proposed scheme preserves privacy against curious auditors. Furthermore, we conduct a performance comparison to demonstrate that our scheme is much more efficient and practical for post-quantum secure cloud storage.