Abstract
In this paper, we study the problem of secure cloud storage in a multi-user setting such that the ownership of outsourced files can be hidden against the cloud server. There is a group manager for initiating the system, who is also responsible for issuing private keys for the involved group members. All authorized members are able to outsource files to the group’s storage account at some cloud server. Although the ownership of outsourced file is preserved against the cloud server, the group manager could trace the true identity of any suspicious file for liability investigation. To address this issue, we introduce and formalize a notion of ownership-hidden group-oriented proofs of storage (OPoS). We present a generic OPoS construction from pre-homomorphic signatures, and propose an OPoS instantiation by employing the Boneh–Boyen short signature. We show that the OPoS instantiation can be optimized using a polynomial commitment technique, so that the integrity auditing protocol would only take constant-size communication overheads by the cloud server. Theoretical and experimental analyses show that our OPoS instantiations are efficient and practical for enterprise-oriented cloud storage applications. Also, we show that the OPoS instantiations can be enhanced to safeguard against a dynamic set of corrupted members, as well as support batch integrity auditing mechanism.
Similar content being viewed by others
References
Su Z, Xu Q, Qi Q (2016) Big data in mobile social networks: a QoE-oriented framework. IEEE Netw 30(1):52–57
Deng H, Wu Q, Qin B, Chow SSM, Domingo-Ferrer J, Shi W (2014) Tracing and revoking leaked credentials: Accountability in leaking sensitive outsourced data. In: Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security. ACM, pp 425–434
Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 598–609
Ateniese G, Kamara S, Katz J (2009) Proofs of storage from homomorphic identification protocols. In: Matsui M (ed) Advances in cryptology–ASIACRYPT 2009, vol 5912. Springer, Heidelberg, pp 319–333
Deng H, Wu Q, Qin B, Mao J, Liu X, Zhang L, Shi W (2014) Who is touching my cloud. In: Kutylowski M, Vaidya J (eds) Computer Security–ESORICS 2014, vol 8712. Springer International Publishing, pp 362–379
Xiong J, Li F, Ma J, Liu X, Yao Z, Chen PS (2015) A full lifecycle privacy protection scheme for sensitive data in cloud computing. Peer-to-Peer Networking and Applications 8(6):1025–1037
Chen X, Li J, Huang X, Ma J, Lou W (2015) New publicly verifiable databases with efficient updates. IEEE Transactions on Dependable and Secure Computing 12(5):546–556
Chen X, Li J, Weng J, Ma J, Lou W (2016) Verifiable computation over large database with incremental updates. IEEE Trans Comput
Wen M, Lu K, Lei J, Li F, Li J (2015) BDO-SD: An efficient scheme for big data outsourcing with secure deduplication. In: 2015 IEEE Conference on computer communications workshops (INFOCOM WKSHPS). IEEE, pp 214–219
Wen M, Ota K, Li H, Lei J, Gu C, Su Z (2015) Secure data deduplication with reliable key management for dynamic updates in cpss. IEEE Transactions on Computational Social Systems 2(4):137–147
Yu CM, Chen CY, Chao HC (2015) Proof of ownership in deduplicated cloud storage with mobile device efficiency. IEEE Netw 29(2):51–55
Huang X, Liu JK, Tang S, Xiang Y, Liang K, Xu L, Zhou J (2015) Cost-effective authentic and anonymous data sharing with forward security. IEEE Trans Comput 64(4):971–983
Huang X, Xiang Y, Bertino E, Zhou J, Xu L (2014) Robust multi-factor authentication for fragile communications. IEEE Transactions on Dependable and Secure Computing 11(6): 568–581
Wu Q, Qin B, Zhang L, Domingo-Ferrer J, Farràs O, Manjón JA (2016) Contributory broadcast encryption with efficient encryption and short ciphertexts. IEEE Trans Comput 65(2): 466–479
Wu Q, Qin B, Zhang L, Domingo-Ferrer J, Manjón JA (2013) Fast transmission to remote cooperative groups: a new key management paradigm. IEEE/ACM Trans Networking 21(2): 621–633
Juels A, Kaliski BS Jr (2007) PORs: Proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security. ACM , pp 584–597
Ateniese G, Di Pietro R, Mancini LV, Tsudik G (2008) Scalable and efficient provable data possession. In: Proceedings of the 4th International Conference on Security and Privacy in Communication Networks. ACM
Erway C, Küpçü A, Papamanthou C, Tamassia R (2009) Dynamic provable data possession. In: Proceedings of the 16th ACM Conference on Computer and Communications Security. ACM, pp 213–222
Shacham H, Waters B (2013) Compact proofs of retrievability. J Cryptol 26(3):442–483
Yuan J, Yu S (2015) PCPOR: Public and constant-cost proofs of retrievability in cloud. J Comput Secur 23(3):403–425
Boneh D, Boyen X (2008) Short signatures without random oracles and the sdh assumption in bilinear groups. J Cryptol 21(2):149–177
Kate A, Zaverucha GM, Goldberg I (2010) Constant-size commitments to polynomials and their applications. In: Abe M (ed) Advances in cryptology–ASIACRYPT 2010, vol 6477. Springer, Heidelberg, pp 177–194
Wang Y, Wu Q, Qin B, Chen X, Huang X, Zhou Y (2015) Group-oriented proofs of storage. In: Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security. ACM, pp 73–84
Xu J, Chang EC (2012) Towards efficient proofs of retrievability. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security. ACM, pp 79–80
Wang Y, Wu Q, Wong DS, Qin B, Chow SSM, Liu Z, Tan X (2014) Securely outsourcing exponentiations with single untrusted program for cloud storage. In: Kutylowski M, Vaidya J (eds) Computer Security–ESORICS 2014, vol 8712. Springer International Publishing, pp 326–343
Wang B, Li B, Li H (2012) Knox: Privacy-preserving auditing for shared data with large groups in the cloud. In: Bao F, Samarati P, Zhou J (eds) Applied cryptography and network security, vol 7341. Springer, Heidelberg, pp 507–525
Wang B, Li B, Li H (2012) Oruta: Privacy-preserving public auditing for shared data in the cloud. In: 2012 IEEE 5th international conference on Cloud computing (CLOUD), pp 295–302
Wang B, Chow SSM, Li M, Li H (2013) Storing shared data on the cloud via security-mediator. In: 2013 IEEE 33rd international conference on Distributed computing systems (ICDCS), pp 124–133
Wang H, Wu Q, Qin B, Domingo-Ferrer J (2014) Identity-based remote data possession checking in public clouds. IET Inf Secur 8(2):114–121
Yu Y, Mu Y, Ni J, Deng J, Huang K (2014) Identity privacy-preserving public auditing with dynamic group for secure mobile cloud storage. In: Au MH, Carminati B, Kuo CCJ (eds) Network and System Security, vol 8792. Springer International Publishing, pp 28–40
Freeman DM, Fischlin M, Buchmann J, Manulis M (2012) Improved security for linearly homomorphic signatures: a generic framework Public key cryptography–PKC 2012, vol 7293. Springer, Heidelberg, pp 697–714
Wang C, Chow SSM, Wang Q, Ren K, Lou W (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375
Ren Y, Shen J, Zheng Y, Wang J, Chao HC (2015) Efficient data integrity auditing for storage security in mobile health cloud. Peer-to-Peer Networking and Applications:1–10
Acknowledgments
This work was partially supported by the Natural Science Foundation of China (Nos. 61672083, 61672083, 61370190, 61272501, 61202465, 61402029, 61472429, 61202465, 61532021), by the Beijing Natural Science Foundation (No. 4132056) and by the Guangxi natural science foundation (2013 GXNSFBB053005).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Wang, Y., Wu, Q., Qin, B. et al. Ownership-hidden group-oriented proofs of storage from pre-homomorphic signatures. Peer-to-Peer Netw. Appl. 11, 235–251 (2018). https://doi.org/10.1007/s12083-016-0530-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s12083-016-0530-8