Abstract
Cloud servers offer a data outsourcing facility to their clients. A client outsources her data without keeping any copy at her end. Therefore, she needs a guarantee that her data have not been modified by the server, which may be malicious. Data auditing is performed on the outsourced data to resolve this issue. Moreover, the client may want all her data to be stored untampered. In this chapter, we describe proofs of retrievability (POR) that convince the client of the integrity of all her data.
Notes
- 1.
- 2.
The random oracle model is a model of computation in which the security of a cryptographic scheme is proven under the assumption that a cryptographic hash function used in the scheme behaves as a truly random function.
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Sengupta, B., Ruj, S. (2015). Cloud Data Auditing Using Proofs of Retrievability. In: Zhu, S., Hill, R., Trovati, M. (eds) Guide to Security Assurance for Cloud Computing. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-319-25988-8_11
DOI: https://doi.org/10.1007/978-3-319-25988-8_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25986-4
Online ISBN: 978-3-319-25988-8
eBook Packages: Computer Science, Computer Science (R0)