3 research outputs found
Fuzzy identity-based data integrity auditing for reliable cloud storage systems
This is the author accepted manuscript. The final version is available from the publisher via the DOI in this record. As a core security issue in reliable cloud storage, data integrity has received much attention. Data auditing protocols enable a verifier to efficiently check the integrity of the outsourced data without downloading the data. A key research challenge associated with existing designs of data auditing protocols is the complexity in key management. In this paper, we seek to address the complex key management challenge in cloud data integrity checking by introducing fuzzy identity-based auditing, the first in such an approach, to the best of our knowledge. More specifically, we present the primitive of fuzzy identity-based data auditing, where a user’s identity can be viewed as a set of descriptive attributes. We formalize the system model and the security model for this new primitive. We then present a concrete construction of fuzzy identity-based auditing protocol by utilizing biometrics as the fuzzy identity. The new protocol offers the property of error-tolerance, namely, it binds private key to one identity which can be used to verify the correctness of a response generated with another identity, if and only if both identities are sufficiently close. We prove the security of our protocol based on the computational Diffie-Hellman assumption and the discrete logarithm assumption in the selective-ID security model. Finally, we develop a prototype implementation of the protocol which demonstrates the practicality of the proposal. This work is supported by the National Natural Science Foundation of China (61501333, 61300213, 61272436, 61472083), the Fundamental Research Funds for the Central Universities under Grant ZYGX2015J05
Certificateless Public Auditing Protocol with Constant
To provide the integrity of outsourced data in the cloud storage services, many public auditing schemes which allow a user to check the integrity of the outsourced data have been proposed. Since most of the schemes are constructed on Public Key Infrastructure (PKI), they suffer from several concerns like management of certificates. To resolve the problems, certificateless public auditing schemes also have been studied in recent years. In this paper, we propose a certificateless public auditing scheme which has the constant-time verification algorithm. Therefore, our scheme is more efficient than previous certificateless public auditing schemes. To prove the security of our certificateless public auditing scheme, we first define three formal security models and prove the security of our scheme under the three security models.
Provably secure identity based provable data possession
Provable Data Possession (PDP), which enables cloud users to verify the integrity of their outsourced data without retrieving the entire file from cloud servers, is highly essential in secure cloud storage. A majority of the existing PDP schemes rely on the expensive Public Key Infrastructure (PKI). In this paper, we eliminate the complex certificate management of PDP by presenting a generic construction of identity-based PDP (ID-PDP) protocol, derived from identity-based signatures (IBS) and traditional PDP protocols. We formalize the security model of ID-PDP and prove that the soundness of the generic construction depends on the security of the underlying PDP protocols and the IBS. Then, a concrete ID-PDP protocol is described as an instance of the generic construction to a state-of-the-art PDP protocol due to Shacham and Waters. The implementation shows that our ID-PDP protocol is efficient and practical.