An Improved Secure Cloud Storage Auditing Protocol Based on Distributed String Equality Checking

Zhang, J.; Wang, B.

doi:10.3233/FI-2018-1625

Artykuł - szczegóły

Tytuł artykułu

An Improved Secure Cloud Storage Auditing Protocol Based on Distributed String Equality Checking

Autorzy

Zhang J. , Wang B.

Wybrane pełne teksty z tego czasopisma

https://fi.episciences.org/

Identyfikatory

DOI

10.3233/FI-2018-1625

Warianty tytułu

Języki publikacji

Abstrakty

Recently how to audit cloud storage correctly and securely is a very hot research topic for cloud storage. At Infocom 2015, Chen et al. proposed a novel secure cloud storage audit protocol based on distributed string equality checking, which is a very interesting result. In this paper, we give some improvements to their protocol to strengthen its security. In particular, we show that if the data owners reuse pseudorandom function on the same order number of file block when uploading file block's tag to the cloud, the protocol maybe not secure any more. We also show that there can exist P many (m_i, c_i) pairs which will result in the same inner product sum n ∑ⁿ_i=1 m_i . c_i while m_i denotes the file block, c_i denotes the challenge value, and n denotes the number of blocks. We emphasis here that the flaw maybe does not lie in the traditional security model of cloud storage auditing protocol, but we think it is actually a serious drawback for current secure cloud storage audit protocols. We emphasis these two flaws can also exist in some famous cloud auditing protocols such as PDP and POR. Finally, we give an improvement to their protocol, and thus also give a way to strengthen the famous PDP and POR protocols.

Słowa kluczowe

cloud storage auditing inner product security analysis

Wydawca

IOS Press

Czasopismo

Fundamenta Informaticae

Rocznik

2018

Tom

Vol. 157, nr 1/2

Strony

185--199

Opis fizyczny

Bibliogr. 30 poz., tab.

Twórcy

autor

Zhang J.

69957106@qq.com

State Key Laboratory of Integrated Service Networks, Xidian University, Xi’an 710071, China

autor

Wang B.

bcwang79@aliyun.com

State Key Laboratory of Integrated Service Networks, Xidian University, Xi’an 710071, China

Bibliografia

[1] Ateniese G, Burns RC, Curtmola R, Herring J, Kissner L, Peterson ZNJ, et al. Provable data possession at untrusted stores. In: Ning P, di Vimercati SDC, Syverson PF, editors. ACM CCS 07. ACM Press; 2007. p.598-609. doi:10.1145/1315245.1315318.
[2] Shacham H, Waters B. Compact Proofs of Retrievability. In: Pieprzyk J, editor. ASIACRYPT 2008. vol.5350 of LNCS. Springer; 2008. p. 90-107. URL https://doi.org/10.1007/978-3-540-89255-7_7.
[3] Erway CC, Küpçü A, Papamanthou C, Tamassia R. Dynamic provable data possession. In: Al-Shaer E, Jha S, Keromytis AD, editors. ACM CCS 09. ACM Press; 2009. p. 213-222. doi:10.1145/1653662.1653688.
[4] Kamara S, Papamanthou C, Roeder T. Dynamic searchable symmetric encryption. In: Yu T, Danezis G, Gligor VD, editors. ACM CCS 12. ACM Press; 2012 p. 965-976. doi:10.1145/2382196.2382298.
[5] Naveed M, Prabhakaran M, Gunter CA. Dynamic Searchable Encryption via Blind Storage. In: 2014 IEEE Symposium on Security and Privacy. IEEE Computer Society Press; 2014 p. 639-654. doi:10.1109/SP.2014.47.
[6] Fu Z, Ren K, Shu J, Sun X, Huang F. Enabling Personalized Search over Encrypted Outsourced Data with Efficiency Improvement. IEEE Transactions on Parallel and Distributed Systems, vol. 27, no. 9, 2016 pp.2546-2559. doi:10.1109/TPDS.2015.2506573.
[7] Xia Z, Wang X, Sun X, Wang Q. A Secure and Dynamic Multi-keyword Ranked Search Scheme over Encrypted Cloud Data, IEEE Transactions on Parallel and Distributed Systems, vol. 27, no. 2, 2015 pp.340-352. doi:10.1109/TPDS.2015.2401003.
[8] Fu Z, Wu X, Guan C, Sun X, Ren K. Toward Efficient Multi-keyword Fuzzy Search over Encrypted Outsourced Data with Accuracy Improvement. IEEE Transactions on Information Forensics and Security, vol. 11, no. 12, 2016 pp. 2706-2716. doi:10.1109/TIFS.2016.2596138.
[9] Fu Z, Sun X, Liu Q, Zhou L, Shu J. Achieving Efficient Cloud Search Services: Multi-keyword Ranked Search over Encrypted Cloud Data Supporting Parallel Computing. IEICE Transactions on Communications, vol. E98-B, no. 1, 2015 pp.190-200. doi:10.1587/transcom.E98.B.190.
[10] Fu Z, Huang F, Sun X, Athanasios V. V., and Yang C. Enabling Semantic Search based on Conceptual Graphs over Encrypted Outsourced Data. IEEE Transactions on Services Computing, 2016, doi:10.1109/TSC.2016.2622697.
[11] Fiore D, Gennaro R, Pastro V. Efficiently Verifiable Computation on Encrypted Data. In: Ahn GJ, Yung M, Li N, editors. ACM CCS 14. ACM Press; 2014 pp. 844-855. doi:10.1145/2660267.2660366.
[12] Chen X, Li J, Weng J, Ma J, Lou W. Verifiable Computation over Large Database with Incremental Updates. In: Kutylowski M, Vaidya J, editors. ESORICS 2014, Part I. vol. 8712 of LNCS. Springer; 2014 pp. 148-162. URL https://doi.org/10.1007/978-3-319-11203-9_9.
[13] Lai J, Deng RH, Pang H, Weng J. Verifiable Computation on Outsourced Encrypted Data. In: Kutylowski M, Vaidya J, editors. ESORICS 2014, Part I. vol. 8712 of LNCS. Springer; 2014 pp. 273-291. URL https://doi.org/10.1007/978-3-319-11203-9_16.
[14] Costello C, Fournet C, Howell J, Kohlweiss M, Kreuter B, Naehrig M, et al. Geppetto: Versatile Verifiable Computation. In: 2015 IEEE Symposium on Security and Privacy. IEEE Computer Society Press; 2015 pp. 253-270. doi:10.1109/SP.2015.23.
[15] Sahai A, Seyalioglu H, Waters B. Dynamic Credentials and Ciphertext Delegation for Attribute-Based Encryption. In: Safavi-Naini R, Canetti R, editors. CRYPTO 2012. vol. 7417 of LNCS. Springer; 2012 pp. 199-217. URL https://doi.org/10.1007/978-3-642-32009-5_13.
[16] Lee K, Choi SG, Lee DH, Park JH, Yung M. Self-Updatable Encryption: Time Constrained Access Control with Hidden Attributes and Better Efficiency. In: Sako K, Sarkar P, editors. ASIACRYPT 2013, Part I. vol. 8269 of LNCS. Springer; 2013 pp. 235-254. doi:10.1007/978-3-642-42033-7_13.
[17] Yu S, Wang C, Ren K, Lou W. Achieving secure scalable and fine-grained data access control in cloud computing; 2010. Proceedings of the 29th conference on Information communications (INFOCOM 10), IEEE Press, pp. 534-542. doi:10.1109/INFCOM.2010.5462174.
[18] Yang K, Jia X, Ren K, Xie R, Huang L. Enabling Efficient Access Control with Dynamic Policy Updating for Big Data in the Cloud. Proceedings of the 33th conference on Information communications (INFOCOM 14), IEEE Press, 2013 pp. 2013-2021. doi:10.1109/INFOCOM.2014.6848142.
[19] Ateniese G, Fu K, Green M, Hohenberger S. Improved Proxy Re-Encryption Schemes with Applications to Secure Distributed Storage. In: NDSS 2005. The Internet Society; 2005.
[20] Ateniese G, Fu K, Green M, Hohenberger S. Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Transactions on Information and System Security. 2006 pp. 1-30. doi:10.1145/1127345.1127346.
[21] Bellare M, Keelveedhi S, Ristenpart T. Message-Locked Encryption and Secure Deduplication. In: Johansson T, Nguyen PQ, editors. EUROCRYPT 2013. vol. 7881 of LNCS. Springer; 2013 pp. 296-312. URL https://doi.org/10.1007/978-3-642-38348-9_18.
[22] Bellare M, Keelveedhi S. Interactive Message-Locked Encryption and Secure Deduplication. In: Katz J, editor. PKC 2015. vol. 9020 of LNCS. Springer; 2015 pp. 516-538. URL ia.cr/2015/052.
[23] Chen F, Xiang T, Yang Y, Wang C, Zhang S. Secure Cloud Storage Hits Distributed String Equality Checking: More Efficient, Conceptually Simpler, and Provably Secure. Proceedings of the 34th conference on Information communications (INFOCOM 15), IEEE Press, 2015 pp. 2388-2397. doi:10.1109/INFOCOM.2015.7218627.
[24] Ren W, Huang S, Ren Y, Choo K. R. LiPISC: A Lightweight and Flexible Method for Privacy-aware Intersection Set Computation. PLOS ONE, 2016 11(6):e0157752. doi:10.1371/journal.pone.0157752.
[25] Ren W, Liu R, Lei M, Choo K. R. SeGoAC: A Tree-based Model for Self-Defined and Group-Oriented Access Control in Mobile Cloud Computing. Computer Standards&Interfaces, Elsevier, In Press, Sept. 2016. doi:10.1016/j.csi.2016.09.001.
[26] Ren W. uLeepp: An Ultra-lightweight Energy-Efficient and Privacy-Protected Scheme for Pervasive and Mobile WBSN-Cloud Communications. Ad Hoc&Sensor Wireless Networks, Canada, 2015;27(3-4):173-195.
[27] Xiang C, Tang C. New verifiable outsourced computation scheme for an arbitrary function. International Journal of Grid and Utility Computing. 2016;7(3):190-199. doi:10.1504/IJGUC.2016.080187.
[28] Liu Z, Yang X, Pan F. et al. CCA-secure publicly verifiable public key encryption scheme without pairings. International Journal of Grid and Utility Computing. 2015;6(2):74-82. doi:10.1504/IJGUC.2015.068822.
[29] Yuriyama M, Kushida T. Integrated cloud computing environment with IT resources and sensor devices. International Journal of Space-Based and Situated Computing. 2011;1(2-3):163-173. URL https://doi.org/10.1504/IJSSC.2011.040342.
[30] Mori T, Nakashima M, Ito T. SpACCE: A sophisticated ad hoc cloud computing environment built by servermigration to facilitate distributed collaboration. International Journal of Space-Based and Situated Computing. 2012;2(4):230-239. URL https://doi.org/10.1504/IJSSC.2012.050000.

Uwagi

Opracowanie rekordu w ramach umowy 509/P-DUN/2018 ze środków MNiSW przeznaczonych na działalność upowszechniającą naukę (2018).

Typ dokumentu

Bibliografia

Identyfikator YADDA

bwmeta1.element.baztech-d16d8fad-d9b8-4838-a376-1171c689ff6e