[KSCI] Korea Science Citation Index Service

http://dx.doi.org/10.3837/tiis.2019.02.030

Secure and Efficient Privacy-Preserving Identity-Based Batch Public Auditing with Proxy Processing

Zhao, Jining (Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China)
Xu, Chunxiang (Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China)
Chen, Kefei (Hangzhou Key Laboratory of Cryptography and Network Security, Hangzhou Normal University)

Publication Information

KSII Transactions on Internet and Information Systems (TIIS) / v.13, no.2, 2019 , pp. 1043-1063 More about this Journal

Abstract

With delegating proxy to process data before outsourcing, data owners in restricted access could enjoy flexible and powerful cloud storage service for productivity, but still confront with data integrity breach. Identity-based data auditing as a critical technology, could address this security concern efficiently and eliminate complicated owners' public key certificates management issue. Recently, Yu et al. proposed an Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy Processing (https://doi.org/10.3837/tiis.2017.10.019). It aims to offer identity-based, privacy-preserving and batch auditing for multiple owners' data on different clouds, while allowing proxy processing. In this article, we first demonstrate this scheme is insecure in the sense that malicious cloud could pass integrity auditing without original data. Additionally, clouds and owners are able to recover proxy's private key and thus impersonate it to forge tags for any data. Secondly, we propose an improved scheme with provable security in the random oracle model, to achieve desirable secure identity based privacy-preserving batch public auditing with proxy processing. Thirdly, based on theoretical analysis and performance simulation, our scheme shows better efficiency over existing identity-based auditing scheme with proxy processing on single owner and single cloud effort, which will benefit secure big data storage if extrapolating in real application.

Keywords

Cloud computing; identity-based cryptography; public auditing; proxy; security analysis;

Citations & Related Records

Times Cited By KSCI : 2 (Citation Analysis)

Reference
Cited By KSCI

1	K. Yang, X. Jia, "An efficient and secure dynamic auditing protocol for data storage in cloud computing,"IEEE Transactions on Parallel and Distributed Systems, 24(9), 1717-1726, 2013. DOI
2	R. Curtmola, O. Khan, R. Burns, G. Ateniese, "MR-PDP: Multiple-replica provable data possession," In Proceedings of ICDCS 2008, pp. 411-420 (2008).
3	B. Wang, B. Li, H. Li, "Panda: public auditing for shared data with efficient user revocation in the cloud," IEEE Transactions on Services Computing, 8(1), 92-106, 2015. DOI
4	Q. Wang, C. Wang, K. Ren, W. Lou, J. Li, "Enabling Public Auditability and Data Dynamics for Storage Security in Cloud Computing," IEEE Transactions on Parallel and Distributed Systems, 22(5), 847-859, 2011. DOI
5	C. Erway, A. Kupcu, C. Papamanthou, R. Tamassia, "Dynamic Provable Data Possession," ACM Transactions on Information and System Security, 17(4), 2015.
6	C. Liu, R. Ranjan, C. Yang, X. Zhang, L. Wang, J. Chen, "MuRDPA: Top-down levelled multi-replica merkle hash tree based secure public auditing for dynamic big data storage on cloud," IEEE Transactions. on Computers, 64(9), 2609-2622, 2015. DOI
7	G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, D. Song, "Provable Data Possession at Untrusted Stores," in Proc. of ACM CCS 2007, pp. 598-609, 2007.
8	A. F. Barsoum, M. A. Hasan, "Provable multicopy dynamic data possession in cloud computing systems," IEEE Transactions on Information Forensics and Security, 10(3), pp. 485-497, 2015. DOI
9	J. Wang, X. Chen, X. Huang, I. You, and Y. Xiang, "Verifiable auditing for outsourced database in cloud computing," IEEE Transactions on Computers, 64(11), 3293-3303, 2015. DOI
10	Y. Miao, J. Ma, X. Liu, X. Li, Q. Jiang, and J. Zhang, "Attribute-based keyword search over hierarchical data in cloud computing," IEEE Transactions on Services Computing, 2018.
11	Y. Miao, J. Ma, X. Liu, X. Li, Z. Liu, and H. Li, "Practical attribute based multi-keyword search scheme in mobile crowdsourcing," IEEE Internet of Things Journal, 5 (4), 3008-3018, 2018. DOI
12	Y. Miao, J. Ma, X. Liu, J. Weng, and H. Li, H Li, "Lightweight fine-grained search over encrypted data in fog computing," IEEE Transactions on Services Computing, 2018.
13	Y. Miao, J. Weng, X. Liu, KKR Choo, Z. Liu, and H. Li, "Enabling verifiable multiple keywords search over encrypted cloud data," Information Sciences, 465, 21-37, 2018. DOI
14	J. Zhao, C. Xu, F. Li, W. Zhang, "Identity-based public verification with privacy preserving for data storage security in cloud computing," IEICE Transactions Fundamentals Electronics, Communications and Computer Sciences, 96(12), 2709-2716, 2013.
15	D. Boneh, M. Franklin, "Identity-based encryption from the weil pairing, " in Proc. of CRYPTO 2001, LNCS 2139, pp. 213-229, 2001.
16	H. Wang, "Identity-based distributed provable data possession in multicloud storage," IEEE Transactions on Services Computing, 8(2), 328-340, 2015. DOI
17	H. Wang, D. He, S. Tang, "Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud," IEEE Transactions on Information Forensics and Security, 11(6), 1165-1176, 2016. DOI
18	Y. Yu, Y. Zhang, Y. Mu, W. Susilo, "Provably Secure Identity based Provable Data Possession," in Proc. of ProvSec 2015, LNCS 9451, pp. 1-16, Springer, Heidelberg, 2015.
19	H. Liu, Y. Mu, J. Zhao, C. Xu, H. Wang, L. Chen, et al., "Identity-based provable data possession revisited: security analysis and generic construction," Computer Standards & Interfaces, 54(1), 10-19, 2017. DOI
20	Y. Yu, M. H. A. Au, G. Ateniese, X. Huang, W. Susilo, Y. Dai, G. Min , "Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage," IEEE Transactions on Information Forensics and Security, 12(4), 767-778, April, 2017. DOI
21	X. Zhang, H. Wang and C. Xu, "Identity-based key-exposure resilient cloud storage public auditing scheme from lattices," Information Science, 472, 223-234, 2019. DOI
22	S. Peng, F. Zhou, J. Xu, Z. Xu, "Comments on "Identity-Based Distributed Provable Data Possession in Multicloud Storage," IEEE Transactions on Services Computing, 9(6), 996-998, Nov.-Dec, 2016. DOI
23	J. Zhao, C. Xu and K. Chen, "A Security-Enhanced Identity-Based Batch Provable Data Possession Scheme for Big Data Storage," KSII Transactions on Internet and Information Systems, 12(9), 4576-4598, 2018. DOI
24	The GNU Multiple Precision Arithmetic Library (GMP).
25	J. Coron, "On the exact security of full domain hash," In Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 220-235. Springer, Heidelberg (2000).
26	H. Yu, Y. Cai, S. Kong, et al, "Efficient and Secure Identity-Based Public Auditing for Dynamic Outsourced Data with Proxy," KSII transactions on Internet and Information Systems, 11(10), Oct. 5039-5061, 2017. DOI
27	The Pairing-Based Cryptography Library (PBC).
28	OpenSSL: cryptography and SSL/TLS Toolkit.
29	IDC.com, "Worldwide Public Cloud Services Spending Forecast to Reach $122.5 Billion in 2017, According to IDC," February 20, 2017.
30	Gartner.com, "Gartner Forecasts Worldwide Public Cloud Services Revenue to Reach $260 Billion in 2017," October 12, 2017.
31	Y. Wang, Q. Wu, B. Qin, W. Shi, R. H. Deng, J. Hu, "Identity-Based Data Outsourcing with Comprehensive Auditing in Clouds, " IEEE Transactions on Information Forensics and Security,12(4), 940-952, 2017. DOI
32	Z. Fu, X. Wu, C. Guan, X. Sun, K. Ren, "Toward efficient multi-keyword fuzzy search over encrypted outsourced data with accuracy improvement," IEEE Transactions on Information Forensics and Security, 11(12), 2706-2716, 2016. DOI
33	Y. Zhu, H. Hu, G. J. Ahn, M.Yu, "Cooperative Provable Data Possession for Integrity Verification in MultiCloud Storage," IEEE Transactions Parallel and Distributed Systems, 23(12), 2231-2244, December, 2012. DOI
34	H. Shacham, B. Waters, "Compact proofs of retrievability," In Proceedings of ASIACRYPT 2008, pp. 90-107, 2008.
35	C. Wang, S. S. M. Chow, Q. Wang, K. Ren, W. Lou, "Privacy-Preserving Public Auditing for Secure Cloud Storage," IEEE Transactions on Computers, 62(2), 362-375, February, 2013. DOI