Certificateless privacy preserving public auditing for dynamic shared data with group user revocation in cloud storage

Gudeme, Jaya Rao; Pasupuleti, Syam Kumar; Kandukuri, Ramesh

doi:10.1016/j.jpdc.2021.06.001

Cited by 27 publications

(25 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In recent years, more and more researchers have conducted further research on multi-replica storage, 11,12 and the dynamic operation of outsourced data. 13 In 2020, Rao et al 14 proposed a dynamic audit scheme. It adopts a new Merkle hash tree (MHT) method based on batch leaf authentication to process multiple leaf nodes and their indexes.…”

Section: Related Workmentioning

confidence: 99%

“…Barsoum et al 10 developed the multi‐replica scheme, enabling users to generate different integrity metadata for different data replicas. In recent years, more and more researchers have conducted further research on multi‐replica storage, 11,12 and the dynamic operation of outsourced data 13 . In 2020, Rao et al 14 proposed a dynamic audit scheme.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

An arbitrable multi‐replica data auditing scheme based on smart contracts

Tian

Yang

2022

Concurrency and Computation

View full text Add to dashboard Cite

Summary In order to improve the availability and persistence of data, lightweight cloud users want to store multiple‐replicas of the original file on the server with less local computing and storage overhead. Meanwhile, to ensure the integrity of the remote storage data, some schemes have been designed to allow public verification. However, most existing schemes only focus on malicious cloud service providers and ignore the possibility that dishonest users cheat for profit. This article implements an arbitrable data auditing scheme under multi‐replica storage. The scheme adopts a new arbitration mechanism under multi‐replica storage, makes use of the non‐tampering characteristics of smart contracts, carries out reliable verification through miners, and realizes the timely detection and punishment of any fraudulent entity. In addition, the scheme also designs a multi‐replica storage model based on the B* tree, realizes the batch verification of replica blocks, enables the fraud behavior of malicious users to be identified after data update, and improves the space utilization efficiency. The article also gives detailed security proof of the proposed scheme. The evaluation result shows our scheme not only realizes a more practical and fairer audit scheme but also has lower computational overhead than current state‐of‐the‐art multi‐replica arbitrable schemes.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

An arbitrable multi‐replica data auditing scheme based on smart contracts

Tian

Yang

2022

Concurrency and Computation

View full text Add to dashboard Cite

show abstract

“…Li et al [27] propose a new data structure named variable Merkle hash tree (VMHT) for generating the integrity proofs of those data replicas during the audit, which solves the above problem. Considering existing schemes suffer from issues of complex certificate management or key escrow problems, Gudeme et al [28] propose a certificateless privacy-preserving public auditing scheme for dynamic shared data with group user revocation in cloud storage, without public key infrastructure (PKI) or identity-based cryptography (IBC). To verify whether an untrusted CSP stores all their replicas in different geographic locations or not.…”

Section: Related Workmentioning

confidence: 99%

Audit as You Go: A Smart Contract-Based Outsourced Data Integrity Auditing Scheme for Multiauditor Scenarios with One Person, One Vote

2022

Security and Communication Networks

View full text Add to dashboard Cite

The data outsourcing services provided by cloud storage have greatly reduced the headache of data management for users, but the issue of remote data integrity poses further security concerns and computing burdens. The introduction of a third-party auditor (TPA) frees data owners from the auditing burden and alleviates disputes over the audit results between data owners and cloud storage providers. However, malicious cloud servers may collude with TPAs to deceive users for financial profits. Hiring multiple auditors in a single audit assignment appears to be a method to address the above problem, but the ensuing voting issues need to be further explored. In this paper, we proposed a smart contract-based outsourced data integrity auditing scheme for multiauditor scenarios. Unlike some existing schemes using reputation like factors as their voting weights, auditors in our scheme vote equally and audit as they go, without any maintenance. This mechanism not only frees auditors from trivia not related to the auditing but also avoids the drawbacks of centralization associated with over-high voting weights. The challenge used to check the integrity of the outsourced data is jointly generated by each involved auditor. Any collusion would be detected as long as there exists more than one honest auditor in the audit. We implement and deploy the scheme as Ethereum smart contracts. With the help of blockchain, the entire auditing process is public and transparent. Both the generated data and the obtained results are persisted with immutability, which ensures the traceability of all historical audits. The comprehensive theoretical and experimental analyses demonstrate that our scheme meets the claimed targets with high efficiency and low gas costs.

show abstract

“…While the user trusts and assumes the confidentiality of data files at the cloud server, there is still concern about remote data file integrity. Numerous schemes in the literature [2], [3], [4], [5], [7], [9], [10], [11], [12], [14], [15], [16], [17], [18], [19], [23], [24], [25], [26], [28], [29], [30], [31], [32], [40], [41], [42] provide remote data integrity checking (RDIC) mechanisms that allow the user to verify the integrity of the remote data file. An RDIC scheme contains two main components: The first is called the preprocessing component, and the second is called the auditing component.…”

Section: Introductionmentioning

confidence: 99%

“…There are many RDIC techniques [23], [24], [25], [28], [30], [31], [40] for shared group data in cloud computing scenarios. A few of these schemes employ the public key infrastructure (PKI) [13], [25], where users select their private-public key pair, and the public key is securely transmitted to a trusted certificate authority (CA).…”

Section: Introductionmentioning

confidence: 99%

A Distributed and Decentralized Certificateless Framework for Reliable Shared Data Auditing for FOG-CPS Networks

Burra

Maity

2023

IEEE Access

View full text Add to dashboard Cite

FOG computing enhances communication efficiency by processing data at the network's edge. In many critical infrastructure (CI) networks, user entities outsource data to the FOG server, but the reliability of the data is a concern. To avoid incorrect decision-making due to corrupt data, a data auditing process is mandatory. Further, a group of user entities in a CI network generate data onto a common file and outsource the file to the FOG server. Auditing such shared group data creates additional complexities. Existing shared group data auditing schemes using public key infrastructure (PKI) or identity-based cryptography (IBC) face challenges such as certificate management or key escrow problems respectively. While, certificateless cryptography (CLC) offers better security and efficiency, but many CLC-based shared group data auditing schemes lack protection against key generation center compromise. The key generation process in many of the existing shared group data auditing schemes is centralized and does not support flexible user entity admission. This paper proposes a distributed and decentralized cryptography approach to enhance the security of key generation for group members. The scheme offers flexible user admission, allowing for full or semi-membership. The proposed scheme provides efficient and secure shared group data auditing against public key replacement, metadata forgery, and integrity attacks, as shown by performance evaluation and security analysis.

show abstract

Certificateless privacy preserving public auditing for dynamic shared data with group user revocation in cloud storage

Cited by 27 publications

References 42 publications

An arbitrable multi‐replica data auditing scheme based on smart contracts

An arbitrable multi‐replica data auditing scheme based on smart contracts

Audit as You Go: A Smart Contract-Based Outsourced Data Integrity Auditing Scheme for Multiauditor Scenarios with One Person, One Vote

A Distributed and Decentralized Certificateless Framework for Reliable Shared Data Auditing for FOG-CPS Networks

Contact Info

Product

Resources

About