ID-Based Public Auditing Protocol for Cloud Storage Data Integrity Checking with Strengthened Authentication and Security
JIANG Hong, XIE Mingming, KANG Baoyuan, LI Chunqing, SI Lin1. School of Management, Tianjin Polytechnic University, Tianjin 300387, China; 2. School of Computer Science and Software, Tianjin Poly-technic University, Tianjin 300387, China
Cloud storage service reduces the burden of data users by storing users’ data files in the cloud. But, the files might be modified in the cloud. So, data users hope to check data files integrity periodically. In a public auditing protocol, there is a trusted auditor who has certain ability to help users to check the integrity of data files. With the advantages of no public key management and verification, researchers focus on public auditing protocol in ID-based cryptography recently. However, some existing protocols are vulnerable to forgery attack. In this paper, based on ID-based signature technology, by strengthening information authentication and the computing power of the auditor, we propose an ID-based public auditing protocol for cloud data integrity checking. We also prove that the proposed protocol is secure in the random oracle model under the assumption that the Diffie-Hellman problem is hard. Furthermore, we compare the proposed protocol with other two ID-based auditing protocols in security features, communication efficiency and computation cost. The comparisons show that the proposed protocol satisfies more security features with lower computation cost.
Key words:ID-based auditing; data integrity checking; digital signature; security; bilinear map
 Ateniese G, Burns R, Curtmola R, et al. Provable data pos-session at untrusted stores [C] // Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS07). New York: ACM, 2007: 598-609.
 Ateniese G, Kamara S, Katz J. Proofs of storage from ho-momorphic identification protocols [C]// Proceedings of the 15th International Conference on Theory and Application of Cryptology and Information Security: Advances in Cryptology. Berlin, Heidelberg: Springer-Verlag, 2009: 319-333.
 Lu R, Lin X, Luan T, et al. Pseudonym changing at social spots: An effective strategy for location privacy in VANETs [J]. IEEE Transaction on Vehicular Technology, 2012, 61(1) : 86-96.
 Kaaniche N, Boudguiga A, Laurent M. ID-based cryptog-raphy for secure cloud data storage [C]// Proceedings of the IEEE Sixth International Conference on Cloud Computing. Washington D C: IEEE Computer Society, 2013: 375-382.
 Wang Q, Wang C, Ren K, et al. Enabling public auditability and data dynamics for storage security in cloud computing [J]. IEEE Transactions on Parallel and Distributed Systems, 2011, 22(5): 847-859.
 Wang C, Wang Q, Ren K, et al. Privacy-preserving public auditing for data storage security in cloud computing [C]// Proceedings of the IEEE INFO-COM. Washington D C: IEEE Computer Society, 2010: 525-533.
 Yuan J, Yu S. Public integrity auditing for dynamic data sharing with multiuser modification [J]. IEEE Transactions on Information Forensics and Security, 2015, 10(8): 1717-1726.
 Zhang J, Zhao X. Privacy-preserving public auditing scheme for shared data with supporting multi-function [J]. Journal of Communications, 2015, 10(7) : 535-542.
 Zeng K. Publicly verifiable remote data integrity [C]// Pro-ceedings of the 10th International Conference on Informa-tion and Communications Security. New York: ACM, 2008: 419- 434.
 Zhu Y, Hu H, Ahn G, et al. Cooperative provable data pos-session for integrity verification in multi-cloud storage [J]. IEEE Transactions on Parallel and Distributed Systems, 2012, 23(12): 2231-2244.
 Zhu Y, Wang H, Hu Z, et al. Dynamic audit services for integrity verification of outsourced storages in clouds [C]// Proceedings of the ACM Symposium on Applied Computing. New York: ACM, 2011: 1550-1557.
 Worku S, Xu C, Zhao J, et al. Secure and efficient priva-cy-preserving public auditing scheme [J]. Computer and Electrical Engineering, 2014, 40(5): 1703-1713.
 Li Y, Yu Y, Yang B, et al. Privacy preserving cloud auditing with efficient key update [J]. Future Generation Computer Systems, 2018, 78(2): 789-798.
 Xue L, Ni J, Li Y, et al. Provable data transfer from provable data possession and deletion in cloud storage [J]. Computer Standard & Interfaces, 2017, 54(1): 46-54.
 Jin H, Zhou K, Jiang H, et al. Full integrity and freshness for cloud data [J]. Future Generation Computer Systems, 2018, 80(3): 640-652.
 Kang B, Xu D. Secure electronic cash scheme with anonymity revocation [J]. Mobile Information Systems. 2016, Article ID 2620141, DOI: http://dx.doi.org/10. 1155/ 2016/ 2620141.
 Wang H, Wu Q, Qin B, et al. Identity-based remote data possession checking in public clouds [J]. IET Information Security, 2014, 8(2) : 114-121.
 Zhang J, Dong Q. Efficient ID-based public auditing for the outsourced data in cloud storage [J]. Information Sciences, 2016, 343 (C):1-14.
 Yu Y, Xue L, Aub M, et al. Cloud data integrity checking with an identity-based auditing mechanism from RSA [J]. Future Generation Computer Systems, 2016, 62 (9): 85-91.
 Wei L, Zhu H, Cao Z, et al. Security and privacy for storage and computation in cloud computing [J]. Information Sci-ences, 2014, 258 (2): 371-386.
 He D, Wang H, Zhang J, et al. Insecurity of an iden-tity-based public auditing protocol for the outsourced data in cloud storage [J]. Information Sciences, 2017, 375 (1) 48-53.
 Hou H, Yu J, Hao R. Research on an integrity auditing scheme based on algebraic signature in cloud storage [J]. Netinfo Security, 2017, 17 (10): 69-74.
 Yang T, Yu B, Wang H, et al. Cryptanalysis and improve-ment of Panda-public auditing for shared data in cloud and internet of things [J]. Multimedia Tools and Applications, 2017, 76(19): 19411-19428.
 Kang B, Wang J, Shao D. Certificateless public auditing with privacy preserving for cloud-assisted wireless body area networks [J]. Mobile Information Systems, 2017, Article ID 2925465, DOI: https://doi.org/10.1155/2017/ 2925465.
 Bian G, Shao B, Cai W, et al. Research on multiple-replica integrity auditing method on supporting data dynamic updating in cloud environment [J]. Netinfo Security, 2017, 17 (10): 22-28.
 Kim D, Jeong I. Provably-secure public auditing with deduplication [J]. KSII Transactions on Internet and Information systems, 2017, 11(4): 2219-2236.
 Shen W, Yu J, Yang G, et al. Access-authorizing and privacy-preserving auditing with group dynamic for shared cloud data [J]. KSII Transactions on Internet and Information Systems, 2017, 10(7): 3319-3338.
 Zhang J, Li P. An efficient data integrity verification scheme for cloud storage [J]. Netinfo Security, 2017, 17 (3): 1-5.
 Yu H, Cai Y, Kong S, et al. Efficient and secure identi-ty-based public auditing for dynamic outsourced data with proxy [J]. KSII Transactions on Internet and Information Systems, 2017, 11(10): 5039-5061.
 Kim D, Kwon H, Hahn C, et al. Privacy-preserving public auditing for educational multimedia data in cloud computing [J]. Multimedia Tools and Applications, 2016, 75(21): 13077- 13091.