Remote data integrity checking (RDIC) enables clients to verify whether the outsourced data is intact without keeping a copy locally or downloading it. Nevertheless, the existing RDIC schemes do not support the pay-as-you-go (PAYG) payment model, where the payment is decided by the volume and duration of the outsourced data. Specifically, none of the existing works have considered the client’s control over changes in storage duration. In this paper, we propose an RDIC scheme to simultaneously check the data content and storage duration represented by an updatable timestamp via the third-party auditor (TPA). Also, our proposed scheme achieves indistinguishable privacy (IND-privacy) against TPA for both data content and timestamp. To bind the content and timestamp in the authenticator and support efficient timestamp update, we construct the authenticator with the randomizable structure-preserving signature (SPS). Additionally, we utilize the Groth-Sahai proof and range proof to provide the IND-privacy and guarantee the timestamp validation in the auditing phase. We formalize the definition and security model and provide the formal proof of our scheme. We also present the theoretical and experimental performance analysis to demonstrate that our scheme is comparable to the previous RDIC schemes which do not consider the storage time.

远程数据完整性检查（RDIC）使客户端可以验证外包数据是否完整，而无需在本地保留副本或下载副本。但是，现有的RDIC方案不支持即用即付（PAYG）支付模型，该支付由外包数据的数量和持续时间决定。具体来说，现有的作品都没有考虑过客户对存储持续时间变化的控制。在本文中，我们提出了一种RDIC方案，以通过第三方审计程序（TPA）同时检查由可更新时间戳表示的数据内容和存储期限。同样，我们提出的方案针对数据内容和时间戳实现了针对TPA的不可区分的隐私（IND-privacy）。要在身份验证器中绑定内容和时间戳，并支持有效的时间戳更新，我们使用可随机化的结构保留签名（SPS）构造身份验证器。此外，我们利用Groth-Sahai证明和范围证明来提供IND隐私权，并确保在审计阶段进行时间戳验证。我们对定义和安全模型进行形式化，并提供我们方案的形式证明。我们还提供了理论和实验性能分析，以证明我们的方案与以前的RDIC方案（不考虑存储时间）可比。