Public Cloud Data Auditing with Practical Key Update and Zero Knowledge Privacy


1 School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 611731, China
2 Guangxi Colleges and Universities Key Laboratory of Cloud Computing and Complex Systems, Guilin University of Electronic Technology, Guilin 541004, China
3 Department of Computing, The Hong Kong Polytechnic University, Kowloon, China
4 School of Computing and Information Technology, Center for Computer and Information Security Research, University of Wollongong, Wollongong, NSW 2522, Australia
5 School of Information Technology and Mathematical Sciences, University of South Australia, Adelaide, Australia

Abstract. Data integrity is extremely important for cloud based storage services, where cloud users no longer have physical possession of their outsourced files. A number of data auditing mechanisms have been proposed to solve this problem. However, how to update a cloud user’s private auditing key (as well as the authenticators those keys are associated with) without the user’s re-possession of the data remains an open problem. In this paper, we propose a key-updating and authenticator-evolving mechanism with zero-knowledge privacy of the stored files for secure cloud data auditing, which incorporates zero knowledge proof systems, proxy re-signatures and homomorphic linear authenticators. We instantiate our proposal with the state-of-the-art Shacham-Waters auditing scheme. When the cloud user needs to update his key, instead of downloading the entire file and re-generating all the authenticators, the user can just download and update the authenticators. This approach dramatically reduces the communication and computation cost while maintaining the desirable security. We formalize the security model of zero knowledge data privacy for auditing schemes in the key-updating context and prove the soundness and zero-knowledge privacy of the proposed construction. Finally, we analyze the complexity of communication, computation and storage costs of the improved protocol which demonstrates the practicality of the proposal.
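An added example, not code from the paper: with Shacham-Waters-style authenticators σ_i = (H(i)·u^{m_i})^x, a key change from x to x' can be applied to the authenticators alone, and the audit still catches a modified block. Assumptions of this example: the small constructed group, a secret-key check standing in for the pairing-based public verification, the exponent-ratio update as the re-signing step, and all function names; the zero-knowledge masking of the response is not modelled.

```python
import hashlib
import secrets

# Constructed toy group: safe prime P = 2Q + 1, whose squares form a subgroup of
# prime order Q. Far too small for real use; a real scheme uses a pairing group.
P, Q, U = 2039, 1019, 9  # U = 3^2 mod P, a public element of the order-Q subgroup

def H(name: bytes, i: int) -> int:
    """Hash a block index into the order-Q subgroup (square of a nonzero residue)."""
    d = int.from_bytes(hashlib.sha256(name + i.to_bytes(4, "big")).digest(), "big")
    return pow(d % (P - 1) + 1, 2, P)

def tag(x, name, blocks):
    """User: sigma_i = (H(i) * u^m_i)^x for every block m_i in Z_Q."""
    return [pow(H(name, i) * pow(U, m, P) % P, x, P) for i, m in enumerate(blocks)]

def rekey(x_old, x_new, tags):
    """Key update on authenticators only: sigma_i' = sigma_i^(x_new / x_old mod Q)."""
    r = x_new * pow(x_old, -1, Q) % Q
    return [pow(s, r, P) for s in tags]

def prove(blocks, tags, chal):
    """Cloud: aggregate challenged blocks and tags; chal = [(i, nu_i), ...]."""
    mu = sum(nu * blocks[i] for i, nu in chal) % Q
    sigma = 1
    for i, nu in chal:
        sigma = sigma * pow(tags[i], nu, P) % P
    return mu, sigma

def verify(x, name, chal, mu, sigma):
    """Check sigma == (prod H(i)^nu_i * u^mu)^x; the public scheme uses a pairing."""
    base = pow(U, mu, P)
    for i, nu in chal:
        base = base * pow(H(name, i), nu, P) % P
    return sigma == pow(base, x, P)

def demo():
    name, blocks = b"file-1", [17, 402, 998, 5, 640]    # constructed sample data
    chal = [(0, 3), (2, 11), (4, 7)]                    # constructed challenge
    x_old, x_new = (secrets.randbelow(Q - 1) + 1 for _ in range(2))
    old = tag(x_old, name, blocks)
    new = rekey(x_old, x_new, old)                      # no file block is read here
    ok_old = verify(x_old, name, chal, *prove(blocks, old, chal))
    ok_new = verify(x_new, name, chal, *prove(blocks, new, chal))
    same = new == tag(x_new, name, blocks)              # equals a full re-tagging
    bad = blocks[:2] + [blocks[2] + 1] + blocks[3:]     # cloud altered block 2
    caught = not verify(x_new, name, chal, *prove(bad, new, chal))
    return ok_old, ok_new, same, caught
```

`demo()` returns four booleans: the audit passes under the old key, passes under the new key after `rekey`, the re-keyed authenticators equal a full re-tagging, and an altered block is rejected.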

1 Introduction

Cloud storage, which enables cloud users to move their data from local storage systems to the cloud, is an important service offered by cloud computing [1]. This kind of new storage service has many advantages, such as relieving users' burden of data management and maintenance, universal data access independent of geographical location, and avoiding capital costs on hardware and software [2]. Currently, an increasing number of users prefer to store their data in the cloud, such as Amazon S3, Google Cloud Storage and Microsoft SkyDrive [3]. However, despite its appealing features, cloud storage also brings a number of challenging security problems [4]. Due to losing physical possession and control of their outsourced data, cloud users woul

© Springer International Publishing Switzerland 2016. Y. Yu et al., in J.K. Liu and R. Steinfeld (Eds.): ACISP 2016, Part I, LNCS 9722, pp. 389–405, 2016. DOI: 10.1007/978-3-319-40253-6_24