RITS-MHT: Relative indexed and time stamped Merkle hash tree based data auditing protocol for cloud computing

Garg, Neenu; Bawa, Seema

doi:10.1016/j.jnca.2017.02.005

Cited by 43 publications

(12 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To address this issue, Zhang et al [18] presented an MHT-based cloud auditing scheme to realize the auditing for dynamic data in the cloud. Later, a modified MHT cloud auditing scheme [35] with each node containing two values were proposed, which reduces the computational complexity of finding leaf nodes. However, the MHT-based cloud auditing schemes still have some severe overhead problems.…”

Section: B Related Workmentioning

confidence: 99%

Stateless Cloud Auditing Scheme for Non-Manager Dynamic Group Data With Privacy Preservation

Yang

Wang

et al. 2020

IEEE Access

View full text Add to dashboard Cite

As one of the core services of cloud computing, cloud storage could satisfy various storage and management requirements caused by the growth of data. Considering the complexity and uncontrollability of the cloud storage environment, many cloud auditing schemes were presented to assure the integrity of data in the cloud. However, most existing schemes have security risks, such as identity privacy and data privacy disclosure, authority abuse of group managers and collusion attacks during user revocation. To solve these problems, we propose a stateless cloud auditing scheme for non-manager dynamic group data with privacy preservation. The proposed scheme not only realizes user identity privacy preservation but also preserves data privacy security with the random masking technique. Unlike other solutions, our scheme allows t group users to trace the user's identity cooperatively without group managers, which eliminates authority abuse of group managers and provides non-frameability. Meanwhile, utilizing the concept of Shamir Secret Sharing, our scheme divides the resigning process into several parts to resist collusion attacks during user revocation. By the designed binary tree, group users could trace dynamic data changes and recover the latest data when existing data are damaged. Besides, both users and the third-party auditor (TPA) are stateless in our scheme; that is, they no need to maintain data index information during cloud auditing. Our scheme also achieves mutual supervision between users and cloud service providers (CSPs), which ensures data are non-repudiation on both parties. Furthermore, we construct an efficient incentive for data visitors by using the blockchain technology and design a secure data sharing model to guarantee that data owners control their data ownership. Certificateless cryptography assures that the proposed scheme avoids certificate management and key escrow problems. Finally, security analysis and performance evaluation show that our scheme is secure and efficient.

show abstract

Section: B Related Workmentioning

confidence: 99%

Stateless Cloud Auditing Scheme for Non-Manager Dynamic Group Data With Privacy Preservation

Yang

Wang

et al. 2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…LBT adopts a multibranch path structure, and the depth of the LBT to be constructed decreases with the increasing of out-degree, thus reducing the auxiliary information in the process of data integrity checking, simplifying the process of data dynamic update, and reducing the calculation overhead between entities in the system. In 2017, Garg and Bawa [30] added indexes and timestamps to the MHT structure introduced in the scheme [13] and proposed a rist-MHT (relative indexed and time-staged Merkle hash tree) structure. Based on this structure, they proposed a PDP mode.…”

Section: Related Workmentioning

confidence: 99%

“…On the other hand, time stamp attribute gives the authenticator data freshness. However, although these algorithms based on MHT hash tree [13,27,30] avoid downloading all the data in the auditing process, the correct verification results can only prove that the cloud server stores the hash tree but not the uploaded data.…”

Section: Related Workmentioning

confidence: 99%

A Blockchain-Based Public Auditing Scheme for Cloud Storage Environment without Trusted Auditors

Liu

Yang

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

In the cloud storage applications, the cloud service provider (CSP) may delete or damage the user’s data. In order to avoid the responsibility, CSP will not actively inform the users after the data damage, which brings the loss to the user. Therefore, increasing research focuses on the public auditing technology recently. However, most of the current auditing schemes rely on the trusted third public auditor (TPA). Although the TPA brings the advantages of fairness and efficiency, it cannot get rid of the possibility of malicious auditors, because there is no fully trusted third party in the real world. As an emerging technology, blockchain technology can effectively solve the trust problem among multiple individuals, which is suitable to solve the security bottleneck in the TPA-based public auditing scheme. This paper proposed a public auditing scheme with the blockchain technology to resist the malicious auditors. In addition, through the experimental analysis, we demonstrate that our scheme is feasible and efficient.

show abstract

“…Many data integrity auditing schemes have been proposed to allow either the data owner or the Third Party Auditor (TPA) to check whether the data stored in the cloud is intact or not. These schemes focus on different aspects of data integrity auditing, such as data dynamic operation [3][4][5], the privacy protection of data and user identities [6][7][8], key exposure resilience [9][10][11], the simplification of certificate management [12,13] and privacy-preserving authenticators [14], etc. In the above data integrity auditing schemes, the user needs to generate authenticators for data blocks with his private key.…”

Section: Introductionmentioning

confidence: 99%

Data Integrity Auditing without Private Key Storage for Secure Cloud Storage

Shen

Qin

et al. 2021

IEEE Trans. Cloud Comput.

View full text Add to dashboard Cite

Using cloud storage services, users can store their data in the cloud to avoid the expenditure of local data storage and maintenance. To ensure the integrity of the data stored in the cloud, many data integrity auditing schemes have been proposed. In most, if not all, of the existing schemes, a user needs to employ his private key to generate the data authenticators for realizing the data integrity auditing. Thus, the user has to possess a hardware token (e.g. USB token, smart card) to store his private key and memorize a password to activate this private key. If this hardware token is lost or this password is forgotten, most of the current data integrity auditing schemes would be unable to work. In order to overcome this problem, we propose a new paradigm called data integrity auditing without private key storage and design such a scheme. In this scheme, we use biometric data (e.g. iris scan, fingerprint) as the user's fuzzy private key to avoid using the hardware token. Meanwhile, the scheme can still effectively complete the data integrity auditing. We utilize a linear sketch with coding and error correction processes to confirm the identity of the user. In addition, we design a new signature scheme which not only supports blockless verifiability, but also is compatible with the linear sketch. The security proof and the performance analysis show that our proposed scheme achieves desirable security and efficiency.

show abstract

RITS-MHT: Relative indexed and time stamped Merkle hash tree based data auditing protocol for cloud computing

Cited by 43 publications

References 18 publications

Stateless Cloud Auditing Scheme for Non-Manager Dynamic Group Data With Privacy Preservation

Stateless Cloud Auditing Scheme for Non-Manager Dynamic Group Data With Privacy Preservation

A Blockchain-Based Public Auditing Scheme for Cloud Storage Environment without Trusted Auditors

Data Integrity Auditing without Private Key Storage for Secure Cloud Storage

Contact Info

Product

Resources

About