research-article

Group-oriented Proofs of Storage

Authors:

Yunya ZhouAuthors Info & Claims

ASIA CCS '15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

Pages 73 - 84

https://doi.org/10.1145/2714576.2714630

Published: 14 April 2015 Publication History

Abstract

We introduce and formalize the notion of group-oriented proofs of storage (GPoS). In GPoS, each file owner, after being authorized as a member by a group manager, can outsource files to a group storage account maintained by an untrusted party, for example, a cloud storage server, while anyone can efficiently verify the integrity of the remotely stored files without seeing the files. The file owner's identity privacy is preserved against the cloud server while the group manager can trace the one who outsourced any suspicious file for liability investigation. By novelly identifying and exploiting several useful properties, that is, homomorphic composability and homomorphic verifiability in some signatures, we propose a generic GPoS construction relying on the security of the underlying signature scheme and the hardness of the computational Diffie-Hellman (CDH) problem. Following the generic construction, we instantiate a concrete GPoS scheme with the well-known Boneh-Boyen short signature. By leveraging the polynomial commitment technique, the proposed GPoS proposal is optimized with constant-size bandwidth consumption in proof of storage by the cloud server. Theoretical analyses and comparisons show that our GPoS proposal is advantageous over existing PoS-like schemes in user privacy, public audibility and/or performance in a multi-user setting.

References

[1]

G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song. Provable Data Possession at Untrusted Stores. In Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS'07, pages 598--609, New York, NY, USA, 2007. ACM.

Digital Library

[2]

G. Ateniese, R. Di Pietro, L. V. Mancini, and G. Tsudik. Scalable and Efficient Provable Data Possession. In Proceedings of the 4th International Conference on Security and Privacy in Communication Networks, SecureComm'08. ACM, 2008.

Digital Library

[3]

G. Ateniese, S. Kamara, and J. Katz. Proofs of Storage from Homomorphic Identification Protocols. In M. Matsui, editor, Advances in Cryptology - ASIACRYPT 2009, volume 5912 of LNCS, pages 319--333. Springer, Heidelberg, 2009.

Digital Library

[4]

D. Boneh and X. Boyen. Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups. Journal of Cryptology, 21(2):149--177, 2008.

Digital Library

[5]

D. Cash, A. Küpçü, and D. Wichs. Dynamic Proofs of Retrievability via Oblivious RAM. In T. Johansson and P. Nguyen, editors, Advances in Cryptology - EUROCRYPT 2013, volume 7881 of LNCS, pages 279--295. Springer, Heidelberg, 2013.

[6]

H. Deng, Q. Wu, B. Qin, S. S. M. Chow, J. Domingo-Ferrer, and W. Shi. Tracing and Revoking Leaked Credentials: Accountability in Leaking Sensitive Outsourced Data. In Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, ASIA CCS '14, pages 425--434, New York, NY, USA, 2014. ACM.

Digital Library

[7]

H. Deng, Q. Wu, B. Qin, J. Mao, X. Liu, L. Zhang, and W. Shi. Who Is Touching My Cloud. In M. Kutyłowski and J. Vaidya, editors, Computer Security - ESORICS 2014, volume 8712 of LNCS, pages 362--379. Springer International Publishing, 2014.

Digital Library

[8]

Y. Dodis, S. Vadhan, and D. Wichs. Proofs of Retrievability via Hardness Amplification. In O. Reingold, editor, Theory of Cryptography, volume 5444 of LNCS, pages 109--127. Springer, Heidelberg, 2009.

Digital Library

[9]

C. Erway, A. Küpçü, C. Papamanthou, and R. Tamassia. Dynamic Provable Data Possession. In Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS'09, pages 213--222, New York, NY, USA, 2009. ACM.

Digital Library

[10]

R. Gennaro, S. Halevi, and T. Rabin. Secure Hash-and-Sign Signatures Without the Random Oracle. In J. Stern, editor, Advances in Cryptology - EUROCRYPT'99, volume 1592 of LNCS, pages 123--139. Springer, Heidelberg, 1999.

Digital Library

[11]

A. Juels and B. S. Kaliski Jr. PoRs: Proofs of Retrievability for Large Files. In Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS'07, pages 584--597, New York, NY, USA, 2007. ACM.

Digital Library

[12]

A. Kate, G. Zaverucha, and I. Goldberg. Constant-Size Commitments to Polynomials and Their Applications. In M. Abe, editor, Advances in Cryptology - ASIACRYPT 2010, volume 6477 of LNCS, pages 177--194. Springer, Heidelberg, 2010.

[13]

H. Shacham and B. Waters. Compact Proofs of Retrievability. Journal of Cryptology, 26(3):442--483, 2013.

Digital Library

[14]

E. Shi, E. Stefanov, and C. Papamanthou. Practical Dynamic Proofs of Retrievability. In Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, pages 325--336, New York, NY, USA, 2013. ACM.

Digital Library

[15]

B. Wang, S. S. M. Chow, M. Li, and H. Li. Storing Shared Data on the Cloud via Security-Mediator. In Distributed Computing Systems (ICDCS), 2013 IEEE 33rd International Conference on, pages 124--133, July 2013.

Digital Library

[16]

B. Wang, B. Li, and H. Li. Knox: Privacy-Preserving Auditing for Shared Data with Large Groups in the Cloud. In F. Bao, P. Samarati, and J. Zhou, editors, Applied Cryptography and Network Security, volume 7341 of LNCS, pages 507--525. Springer, Heidelberg, 2012.

Digital Library

[17]

B. Wang, B. Li, and H. Li. Oruta: Privacy-Preserving Public Auditing for Shared Data in the Cloud. In Cloud Computing (CLOUD), 2012 IEEE 5th International Conference on, pages 295--302, June 2012.

Digital Library

[18]

B. Wang, B. Li, and H. Li. Public auditing for shared data with efficient user revocation in the cloud. In INFOCOM, 2013 Proceedings IEEE, pages 2904--2912, April 2013.

[19]

B. Wang, H. Li, and M. Li. Privacy-preserving public auditing for shared cloud data supporting group dynamics. In Communications (ICC), 2013 IEEE International Conference on, pages 1946--1950, June 2013.

[20]

C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou. Privacy-Preserving Public Auditing for Secure Cloud Storage. Computers, IEEE Transactions on, 62(2):362--375, Feb 2013.

Digital Library

[21]

H. Wang, Q. Wu, B. Qin, and J. Domingo-Ferrer. Identity-based remote data possession checking in public clouds. Information Security, IET, 8(2):114--121, March 014.

[22]

Q. Wang, C. Wang, J. Li, K. Ren, and W. Lou. Enabling Public Verifiability and Data Dynamics for Storage Security in Cloud Computing. In M. Backes and P. Ning, editors, Computer Security - ESORICS 2009, volume 5789 of LNCS, pages 355--370. Springer, Heidelberg, 2009.

Digital Library

[23]

Y. Wang, Q. Wu, D. S. Wong, B. Qin, S. S. M. Chow, Z. Liu, and X. Tan. Securely Outsourcing Exponentiations with Single Untrusted Program for Cloud Storage. In M. Kutyłowski and J. Vaidya, editors, Computer Security - ESORICS 2014, volume 8712 of LNCS, pages 326--343. Springer International Publishing, 2014.

Digital Library

[24]

J. Xu and E.-C. Chang. Towards Efficient Proofs of Retrievability. In Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, ASIACCS '12, pages 79--80, New York, NY, USA, 2012. ACM.

Digital Library

[25]

K. Yang and X. Jia. Data storage auditing service in cloud computing: challenges, methods and opportunities. World Wide Web, 15(4):409--428, 2012.

Digital Library

[26]

Y. Yu, Y. Mu, J. Ni, J. Deng, and K. Huang. Identity Privacy-Preserving Public Auditing with Dynamic Group for Secure Mobile Cloud Storage. In M. H. Au, B. Carminati, and C. C. J. Kuo, editors, Network and System Security, volume 8792 of LNCS, pages 28--40. Springer International Publishing, 2014.

[27]

J. Yuan and S. Yu. Proofs of Retrievability with Public Verifiability and Constant Communication Cost in Cloud. In Proceedings of the 2013 International Workshop on Security in Cloud Computing, Cloud Computing '13, pages 19--26, New York, NY, USA, 2013. ACM.

Digital Library

[28]

J. Yuan and S. Yu. Efficient public integrity checking for cloud data sharing with multi-user modification. In INFOCOM, 2014 Proceedings IEEE, pages 2121--2129, April 2014.

[29]

Y. Zhang and M. Blanton. Efficient Dynamic Provable Possession of Remote Data via Balanced Update Trees. In Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, ASIA CCS'13, pages 183--194, New York, NY, USA, 2013. ACM.

Digital Library

[30]

Q. Zheng and S. Xu. Secure and Efficient Proof of Storage with Deduplication. In Proceedings of the Second ACM Conference on Data and Application Security and Privacy, CODASPY '12, pages 1--12, New York, NY, USA, 2012. ACM.

Digital Library

Cited By

Mageshwari MNaresh R(2024)Security Clouds to Improve Privacy and Conduct Continuous Audits in 6G Networked Environments Smart CitiesWireless Personal Communications10.1007/s11277-024-11023-4Online publication date: 8-May-2024
https://doi.org/10.1007/s11277-024-11023-4
Yang HYi ZWang XSu YTu ZYang X(2021)Improved Lightweight Cloud Storage Auditing Protocol for Shared Medical DataWireless Communications and Mobile Computing10.1155/2021/88867632021(1-13)Online publication date: 8-Jan-2021
https://doi.org/10.1155/2021/8886763
He KChen JYuan QJi SHe DDu R(2021)Dynamic Group-Oriented Provable Data Possession in the CloudIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2019.2925800(1-1)Online publication date: 2021
https://doi.org/10.1109/TDSC.2019.2925800
Show More Cited By

Index Terms

Group-oriented Proofs of Storage

Recommendations

Dynamic Provable Data Possession

As storage-outsourcing services and resource-sharing networks have become popular, the problem of efficiently proving the integrity of data stored at untrusted servers has received increased attention. In the Provable Data Possession (PDP) model, the ...
Identity-based provable data possession revisited

Provable Data Possession (PDP), which enables cloud users to verify the data integrity without retrieving the entire file, is highly essential for cloud storage. Observing all the existing PDP schemes rely on the Public Key Infrastructure (PKI), Wang ...
A hill cipher-based remote data possession checking in cloud storage

Cloud storage enables users to access their data at any time anywhere. It has the advantages of high scalability, ease of use, cost effectiveness, and so on. However, the server that stores users' data may not be fully trustworthy. When users store ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ASIA CCS '15: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

April 2015

698 pages

ISBN:9781450332453

DOI:10.1145/2714576

General Chairs:
Feng Bao
Huawei Technologies Pte Ltd, Singapore
,
Steven Miller
Singapore Management University, Singapore
,
Program Chairs:
Jianying Zhou
Institute for Infocomm Research, Singapore
,
Gail-Joon Ahn
Arizona State University, USA

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 April 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Key Basic Research Program of China
Natural Science Foundation of Beijing Municipality
National Natural Science Foundation of China

Conference

ASIA CCS '15

Sponsor:

SIGSAC

ASIA CCS '15: 10th ACM Symposium on Information, Computer and Communications Security

April 14 - March 17, 2015

Singapore, Republic of Singapore

Acceptance Rates

ASIA CCS '15 Paper Acceptance Rate 48 of 269 submissions, 18%;

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
409
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)1

Reflects downloads up to 13 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Mageshwari MNaresh R(2024)Security Clouds to Improve Privacy and Conduct Continuous Audits in 6G Networked Environments Smart CitiesWireless Personal Communications10.1007/s11277-024-11023-4Online publication date: 8-May-2024
https://doi.org/10.1007/s11277-024-11023-4
Yang HYi ZWang XSu YTu ZYang X(2021)Improved Lightweight Cloud Storage Auditing Protocol for Shared Medical DataWireless Communications and Mobile Computing10.1155/2021/88867632021(1-13)Online publication date: 8-Jan-2021
https://doi.org/10.1155/2021/8886763
He KChen JYuan QJi SHe DDu R(2021)Dynamic Group-Oriented Provable Data Possession in the CloudIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2019.2925800(1-1)Online publication date: 2021
https://doi.org/10.1109/TDSC.2019.2925800
Zhang JWang BWang XWang HXiao S(2020)New group user based privacy preserving cloud auditing protocolFuture Generation Computer Systems10.1016/j.future.2020.01.029Online publication date: Jan-2020
https://doi.org/10.1016/j.future.2020.01.029
Zhang JLin COgiela UNedjah NSangaiah AWang X(2020)Improved publicly verifiable auditing protocol for cloud storageConcurrency and Computation: Practice and Experience10.1002/cpe.604933:23Online publication date: 8-Oct-2020
https://doi.org/10.1002/cpe.6049
Zhu LWang HXu CSharif KLu R(2019)Efficient Group Proof of Storage With Malicious-Member Distinction and RevocationIEEE Access10.1109/ACCESS.2019.29179197(75476-75489)Online publication date: 2019
https://doi.org/10.1109/ACCESS.2019.2917919
Zhang JWang BOgiela MWang XSangaiah A(2019)New public auditing protocol based on homomorphic tags for secure cloud storageConcurrency and Computation: Practice and Experience10.1002/cpe.560032:18Online publication date: 19-Dec-2019
https://doi.org/10.1002/cpe.5600
Wang XLiu YZhang JYang XZhang M(2018)Improved group‐oriented proofs of cloud storage in IoT settingConcurrency and Computation: Practice and Experience10.1002/cpe.478130:21Online publication date: 3-Aug-2018
https://doi.org/10.1002/cpe.4781
Wang YWu QQin BChen XHuang XLou J(2016)Ownership-hidden group-oriented proofs of storage from pre-homomorphic signaturesPeer-to-Peer Networking and Applications10.1007/s12083-016-0530-811:2(235-251)Online publication date: 7-Nov-2016
https://doi.org/10.1007/s12083-016-0530-8

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents