Towards Usable Cloud Storage Auditing

Fei Chen, Fengming Meng, Tao Xiang, Hua Dai, Jianqiang Li, Jing Qin
DOI: https://doi.org/10.1109/tpds.2020.2998462
IF: 5.3
2020-11-01
IEEE Transactions on Parallel and Distributed Systems
Abstract: Cloud storage security has gained considerable research efforts with the wide adoption of cloud computing. As a security mechanism, researchers have been investigating cloud storage auditing schemes that enable a user to verify whether the cloud keeps the user's outsourced data undamaged. However, existing schemes have usability issues in compatibility with existing real world cloud storage applications, error-tolerance, and efficiency. To mitigate this usability gap, this article proposes a new general cloud storage auditing scheme that is more usable. The proposed scheme uses the idea of integrating linear error correcting codes and linear homomorphic authentication schemes together. This integration uses only one additional block to achieve error tolerance and authentication simultaneously. To demonstrate the power of the general construction, we also propose one detailed scheme based on the proposed general construction using the Reed Solomon code and the universal hash based MAC authentication scheme, both of which are implemented over the computation-efficient Galois field $\mathrm{GF}(2^8)$. We also show that the proposed scheme is secure under the standard definition. Moreover, we implemented and open-sourced the proposed scheme. Experimental results show that the proposed scheme is orders of magnitude more efficient than the state-of-the-art scheme.
computer science, theory & methods,engineering, electrical & electronic
What problem does this paper attempt to address?
The paper primarily focuses on addressing the audit issues in cloud storage security, particularly improving the usability of existing cloud storage audit schemes. Specifically, the research makes improvements targeting the following three main issues:

1. **Compatibility**: Existing cloud storage audit schemes are incompatible with practical applications (e.g., file preview).
2. **Fault Tolerance**: Existing schemes have low tolerance for data errors, meaning users cannot recover data when part of it is corrupted.
3. **Efficiency**: Current audit schemes are inefficient in terms of computation and communication.

### Research Contributions

To tackle the above challenges, the authors propose a new general cloud storage audit scheme that combines linear error correction codes and homomorphic authentication mechanisms, enabling efficient data auditing while maintaining data integrity.

- **Scheme Design**: The new scheme utilizes Reed-Solomon coding and a universal hash-based MAC authentication scheme, performing efficient computations through the Galois field GF(2^8). By integrating error correction and authentication information into an additional data block, the scheme achieves self-verification capability for the data.
- **Security and Practicality**: The scheme ensures security under standard definitions and significantly improves computational efficiency due to the use of efficient Galois field operations.
- **Experimental Results**: Experiments validate the effectiveness and efficiency of the new scheme, showing an order of magnitude advantage over existing technologies when handling large datasets.

### Technical Details

- **Design of Authentication Tags**: To achieve both error tolerance and authentication functions, the authors designed an authentication tag composed of error correction codes and authentication information, merged together through simple addition operations, requiring only one additional data block.
- **Security Assurance**: By adding random elements to the authentication tags, the difficulty of forging authentication tags is increased, thereby enhancing system security.
- **Support for Dynamic Data Changes**: By using an index table to record changes in data blocks, the scheme effectively supports operations such as data addition, deletion, and modification.

In summary, this paper proposes an innovative cloud storage audit scheme that effectively addresses the shortcomings of existing schemes in terms of compatibility, fault tolerance, and efficiency, providing a more practical and efficient solution for secure auditing of cloud storage.
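
The audit idea described above (a linear universal-hash tag over GF(2^8) with a random mask added, checked on a folded response) can be sketched as follows. This is an added example, not the paper's open-sourced code, and it does not reproduce the Reed-Solomon integration, which this page does not detail. The function names, the reduction polynomial 0x11B, the HMAC-based PRF, the one-symbol tag width and the sample data are all assumptions.

```python
import hashlib, hmac
from functools import reduce

def gf_mul(a, b):
    # Multiply in GF(2^8); the reduction polynomial 0x11B is an assumption.
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def prf(key, label, n):
    # Stand-in PRF: HMAC-SHA256 in counter mode, truncated to n bytes.
    chunks = range((n + 31) // 32)
    return b"".join(hmac.new(key, label + bytes([c]), hashlib.sha256).digest() for c in chunks)[:n]

def hash_key(key, n):
    # Nonzero coefficients, so any single-symbol change moves the hash.
    return [b % 255 + 1 for b in prf(key, b"hash", n)]

def dot(xs, ys):
    return reduce(lambda acc, p: acc ^ gf_mul(*p), zip(xs, ys), 0)

def tag_block(key, i, block):
    # User: one extra symbol per block = universal hash XOR per-block mask.
    return dot(hash_key(key, len(block)), block) ^ prf(key, b"mask%d" % i, 1)[0]

def prove(blocks, tags, challenge):
    # Cloud: fold the challenged blocks and tags with coefficients c_i.
    mu, sigma = [0] * len(blocks[0]), 0
    for i, c in challenge.items():
        mu = [m ^ gf_mul(c, b) for m, b in zip(mu, blocks[i])]
        sigma ^= gf_mul(c, tags[i])
    return mu, sigma

def verify(key, challenge, mu, sigma):
    # User: tags are linear, so the folded block must match the folded tag.
    expected = dot(hash_key(key, len(mu)), mu)
    for i, c in challenge.items():
        expected ^= gf_mul(c, prf(key, b"mask%d" % i, 1)[0])
    return expected == sigma

def demo():
    key, chal = b"constructed-demo-key", {0: 3, 2: 7}  # constructed sample values
    blocks = [b"block-%02d-payload" % i for i in range(4)]
    tags = [tag_block(key, i, b) for i, b in enumerate(blocks)]
    intact = verify(key, chal, *prove(blocks, tags, chal))
    blocks[2] = b"X" + blocks[2][1:]  # constructed cloud-side corruption
    return intact, verify(key, chal, *prove(blocks, tags, chal))
```

A one-symbol tag keeps the sketch short, but a guessed response then passes with probability on the order of 1/256, so a real deployment needs a wider tag.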