Skip to main content
SpringerLink
Log in

Public data integrity auditing without homomorphic authenticators from indistinguishability obfuscation

  • Regular contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Cloud storage services allow users to outsource their data to remote cloud servers to relieve from the burden of local data storage and maintenance. Despite the benefits, data outsourcing has also made the data integrity protection in cloud storage a very challenging issue. Plenty of public auditing schemes have been proposed, which allow a third-party auditor to check the data integrity on behalf of users. However, most of these schemes are constructed on homomorphic authenticators, which require strong computation capability on the user side and incur high storage overhead. In this paper, a novel public data integrity auditing scheme is proposed from indistinguishability obfuscation. In our scheme, each user processes the entire data to be outsourced by using only symmetric key primitives, and the server only needs to store the outsourced data. In comparison with existing works, the proposed scheme frees users from the heavy burden on calculating the authenticators and reduces the storage overhead significantly. Moreover, we show the security of the proposed scheme with rigorous proofs. Finally, the performance analysis and comparison with existing works demonstrate the proposed scheme achieves better performance in terms of data processing cost on the user side and storage overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

Notes

  1. Padded to be of the same size as \(Audit-S_{K_{\alpha },ssk_{\alpha }}^{bat}\).

References

  1. Ananth, P., Gupta, D., Ishai, Y., Sahai, A.: Optimizing obfuscation: avoiding Barrington’s theorem. In: Proceedings of CCS, pp. 646–658. ACM (2014)

  2. Apon, D., Huang, Y., Katz, J., Malozemof, A.J.: Implementing cryptographic program obfuscation. IACR Cryptology ePrint Archive, 2014/779 (2014)

  3. Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H.: Above the Clouds: A Berkeley View of Cloud Computing, vol. 53(4), pp. 50–58. EECS Department University of California, Berkeley (2009)

  4. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of ACM CCS, pp. 598–609 (2007)

  5. Barak, B., Goldreich, O., Impagliazzo, R., Rudich, S., Sahai, A., Vadhan, S., Yang, K.: On the (im)possibility of obfuscating programs. In: Advances in Cryptology-CRYPTO, pp. 1–18. Springer (2001)

  6. Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Advances in Cryptology-EUROCRYPT 2003, vol. 2656(1), pp. 416–432 (2002)

  7. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. In: Advances in Cryptology-ASIACRYPT, pp. 514–532. Springer (2001)

  8. Boneh, D., Waters, B.: Constrained pseudorandom functions and their applications. In: Advances in Cryptology-ASIACRYPT, pp. 280–300. Springer (2013)

  9. Cheng, R., Yan, J., Guan, C., Zhang, F., Ren, K.: Verifiable searchable symmetric encryption from indistinguishability obfuscation. In: Proceedings of ASIACCS, pp. 621–626. ACM (2015)

  10. Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Hiding secrets in software: a cryptographic approach to program obfuscation. Commun. ACM 59(5), 113–120 (2016)

    Article  Google Scholar 

  11. Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: Proceedings of FOCS, pp. 40–49. IEEE (2013)

  12. Gentry, C., Lewko, A.B., Sahai, A., Waters, B.: Indistinguishability obfuscation from the multilinear subgroup elimination assumption. In: Proceedings of FOCS, pp. 151–170. IEEE (2015)

  13. Guan, C., Ren, K., Zhang, F., Kerschbaum, F., Yu, J.: Symmetric-key based proofs of retrievability supporting public verification. In: Proceedings of ESORICS, pp. 203–223. Springer (2015)

  14. Hohenberger, S., Koppula, V., Waters, B.: Universal signature aggregators. In: Advances in Cryptology-EUROCRYPT, pp. 3–34. Springer (2015)

  15. Juels, A.: Pors: proofs of retrievability for large files. In: Proceedings of CCS, pp. 584–597. ACM (2007)

  16. Pass, R., Seth, K., Telang, S.: Indistinguishability obfuscation from semantically-secure multilinear encodings. In: Advances in Cryptology-CRYPTO, pp. 500–517. Springer (2014)

  17. Ramchen, K., Waters, B.: Fully secure and fast signing from obfuscation. In: Proceedings of CCS, pp. 659–673. ACM (2014)

  18. Sahai, A., Waters, B.: How to use indistinguishability obfuscation: deniable encryption, and more. In: Proceedings of STOC, pp. 475–484. ACM (2014)

  19. Shacham, H., Waters, B.: Compact proofs of retrievability. In: Advances in Cryptology-ASIACRYPT, pp. 90–107. Springer (2008)

  20. Shi, E., Stefanov, E., Papamanthou, C.: Practical dynamic proofs of retrievability. In: Proceedings of CCS, pp. 325–336. ACM (2013)

  21. Sun, L., Chunxiang, X., Zhang, M., Chen, K., Li, H.: Secure searchable public key encryption against insider keyword guessing attacks from indistinguishability obfuscation. Sci. China Inf. Sci. 61(3), 038106 (2018)

    Article  Google Scholar 

  22. Wang, C., Chow, S.S.M., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2012)

    Article  MathSciNet  Google Scholar 

  23. Wang, C., Wang, Q., Ren, K., Lou, K.: Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of INFOCOM, pp. 1–9. IEEE (2010)

  24. Wang, Q., Wang, C., Li, J., Ren, K., Lou, K.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Proceedings of ESORICS, pp. 355–370. Springer (2009)

  25. Worku, S.G., Xu, C., Zhao, J., He, X.: Secure and efficient privacy-preserving public auditing scheme for cloud storage. Comput. Electr. Eng. 40(5), 1703–1713 (2014)

    Article  Google Scholar 

  26. Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)

    Article  Google Scholar 

  27. Zhang, Y., Chunxiang, X., Liang, X., Li, H., Yi, M., Zhang, X.: Efficient public verification of data integrity for cloud storage systems from indistinguishability obfuscation. IEEE Trans. Inf. Forensics Secur. 12(3), 676–688 (2017)

    Article  Google Scholar 

  28. Zhang, Y., Chunxiang, X., Shui, Y., Li, H.: SCLPV: secure certificateless public verification for cloud-based cyber-physical-social systems against malicious auditors. IEEE Trans. Comput. Soc. Syst. 2(4), 159–170 (2015)

    Article  Google Scholar 

Download references

Funding

This study was funded by the National Key R&D Program of China under Grant 2017YFB0802000 and the National Natural Science Foundation of China under Grant 61370203.

Author information

Authors and Affiliations

  1. Center for Cyber Security, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, 611731, China

    Lixue Sun, Chunxiang Xu & Yuan Zhang

  2. School of Science, Henan Institute of Technology, Xinxiang, 453002, Henan, China

    Lixue Sun

  3. School of Science, Hangzhou Normal University, Hangzhou, 310036, China

    Kefei Chen

Authors
  1. Lixue Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chunxiang Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yuan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kefei Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Lixue Sun or Chunxiang Xu.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Sun, L., Xu, C., Zhang, Y. et al. Public data integrity auditing without homomorphic authenticators from indistinguishability obfuscation. Int. J. Inf. Secur. 19, 711–720 (2020). https://doi.org/10.1007/s10207-020-00486-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-020-00486-8

Keywords

Search

Navigation