Research PapersNo Access

Certificateless Public Verification for the Outsourced Data Integrity in Cloud Storage

Longxia Huang

School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, P. R. China

Search for more papers by this author

Junlong Zhou

http://orcid.org/0000-0002-7734-4077

School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, P. R. China

E-mail Address: jlzhou@njust.edu.cn

Search for more papers by this author

Gongxuan Zhang

School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, P. R. China

E-mail Address: gongxuan@njust.edu.cn

Corresponding author.

Search for more papers by this author

Jin Sun

School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, P. R. China

Search for more papers by this author

Tian Wang

School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, P. R. China

Search for more papers by this author

, and

Ahmadreza Vajdi

School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094, P. R. China

Search for more papers by this author

https://doi.org/10.1142/S0218126618501815Cited by:9 (Source: Crossref)

Abstract

By advances in cloud storage systems, users have access to the data saved in the cloud and can manipulate the data without limitation of time and place. As the data owner no longer possesses data physically, he is required to ensure the integrity of the data stored in the cloud with the public key given by public key infrastructure (PKI). Thus the security of PKI and certificates are essential. However, there are numerous security risks in the traditional PKI and it is complex to administer the certificates. Certificateless public key cryptography is used in this paper to solve these problems. We also use elliptic curve group to reduce computation overhead. In this paper, we design a certificateless public verification mechanism to check the integrity of data outsourced in the cloud and we further extend it to support a multiuser group by batch verification. Specifically, a public verifier who replaces the data owner to check the integrity in the proposed scheme does not require to manage any certificates during the verification process. Meanwhile, a verifier is not required to download the entire file for integrity checking. Theoretical analyses verify the security of our scheme and experimental results show its efficiency.

This paper was recommended by Regional Editor Tongquan Wei.

Keywords:

References

1. Y. Chen, F. Li, B. Du, J. Fan and Z. Deng, A quantitative analysis on semantic relations of data blocks in storage systems, J. Circuits Syst. Comput. 24 (2015) 1550118. Link, Web of Science, Google Scholar
2. S. Yu, Challenges and opportunities of privacy study in the age of big data, IEEE Access 4 (2016) 2751–2763. Web of Science, Google Scholar
3. W. Ren, L. Zeng, R. Liu and C. Cheng, F2AC: A lightweight, fine-grained, and flexible access control scheme for file storage in mobile cloud computing, Mobile Inf. Syst. 2016 (2016) 5232846. Web of Science, Google Scholar
4. A. Fu, N. Qin, J. Song and M. Su, Privacy-preserving public auditing for multiple managers shared data in the cloud, J. Comput. Res. Dev. 52 (2015) 2353–2362. Google Scholar
5. G. Xie, G. Zeng, Y. Chen, Y. Bai, Z. Zhou, R. Li and K. Li, Minimizing redundancy to satisfy reliability requirement for a parallel application on heterogeneous service-oriented systems, IEEE Trans. Serv. Comput. PP (2017) 1–1. Google Scholar
6. G. Ateniese, R. Burns and R. Curtmola, Provable data possession at untrusted stores, Proc. 14th ACM Conf. Computer and Communications Security (Springer, Berlin, 2007), pp. 598–609. Google Scholar
7. G. Ateniese, R. Burns and R. Curtmola, Remote data checking using provable data possession, ACM Trans. Inf. Syst. Secur. 14 (2011) 12. Google Scholar
8. A. Juels and B. S. Kaliski, PORs: Proofs of retrievability for large files, Proc. 14th ACM Conf. Computer and Communications Security (Springer, Berlin, 2007), pp. 584–597. Google Scholar
9. M. Long, Y. Li and F. Peng, Integrity verification for multiple data copies in cloud storage based on spatiotemporal chaos, Int. J. Bifurcation Chaos Appl. Sci. Eng. 27 (2017) 1750054. Link, Web of Science, Google Scholar
10. Y. Zhu, S. Wang and H. Hu, Secure collaborative integrity verification for hybrid cloud environments, Int. J. Coop. Inf. Syst. 21 (2012) 165–197. Link, Web of Science, Google Scholar
11. B. Wang, B. Li and H. Li, Oruta: Privacy-preserving public auditing for shared data in the cloud, IEEE Trans. Cloud Comput. 2 (2014) 43–56. Google Scholar
12. L. Huang, G. Zhang and A. Fu, Privacy-preserving public auditing for dynamic group based on hierarchical tree, J. Comput. Res. Dev. 53 (2016) 2334–2342. Google Scholar
13. L. Huang, G. Zhang and A. Fu, Privacy-preserving public auditing for non-manager group, Proc. 2017 IEEE Int. Conf. Communications (ICC) (2017). Google Scholar
14. C. Wang, S. S. M. Chow, Q. Wang, K. Ren and W. Lou, Privacy-preserving public auditing for secure cloud storage, IEEE Trans. Comput. 62 (2012) 362–375. Web of Science, Google Scholar
15. L. Huang, G. Zhang and A. Fu, Certificateless public verification scheme with privacy-preserving and message recovery for dynamic group, Proc. ACM Australasian Computer Science Week Multiconf. (2017). Google Scholar
16. Y. Yu, M. H. Au and Y. Mu, Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage, Int. J. Inf. Sec. 14 (2015) 307–318. Web of Science, Google Scholar
17. M. S. Hwang, T. H. Sun and C. C. Lee, Achieving dynamic data guarantee and data confidentiality of public auditing in cloud storage service, J. Circuits Syst. Comput. 26 (2016) 1750072. Link, Web of Science, Google Scholar
18. Y. Yu, L. Xue, H. A. Man, W. Susilo, J. Ni, Y. Zhang, A. V. Vasilakosc and J. Shen, Cloud data integrity checking with an identity-based auditing mechanism from RSA, Future Gener. Comput. Syst. 62 (2016) 85–91. Web of Science, Google Scholar
19. H. Wang, Identity-based distributed provable data possession in multicloud storage, IEEE Trans. Serv. Comput. 8 (2015) 328–340. Web of Science, Google Scholar
20. M. S. Kiraz, İ. Sertkaya and O. Uzunkol, An efficient ID-based message recoverable privacy-preserving auditing scheme, Proc. 2015 13th Annu. Conf. Privacy, Security and Trust (PST) (2015), pp. 117–124. Google Scholar
21. J. Zhang and Q. Dong, Efficient ID-based public auditing for the outsourced data in cloud storage, Inf. Sci. 334–344 (2016) 1–14. Google Scholar
22. S. Tang and G. Wei, ID-based digital multisignature scheme, J. Circuits Syst. Comput. 9 (1999) 223–227. Link, Web of Science, Google Scholar
23. B. Wang, B. Li, H. Li and F. Li, Certificateless public auditing for data integrity in the cloud, Proc. 2013 IEEE Conf. Communications and Network Security (CNS) (2013), pp. 136–144. Google Scholar
24. S. S. Al-Riyami and K. G. Paterson, Certificateless public key cryptography, ASIACRYPT 2003: Advances in Cryptology, Lecture Notes in Computer Science, Vol. 2894 (Springer, Berlin, 2003), pp. 452–473. Google Scholar
25. D. He, S. Zeadally and L. Wu, Certificateless public auditing scheme for cloud-assisted wireless body area networks, IEEE Syst. J. PP (2015) 1–10. Google Scholar
26. B. Lynn, PBC: The pairing-based cryptography library (2011), http://crypto.stanford.edu/pbc. Google Scholar