Fuzzy identity-based data integrity auditing for reliable cloud storage systems

This is the author accepted manuscript. The final version is available from the publisher via the DOI in this record.As a core security issue in reliable cloud storage, data integrity has received much attention. Data auditing protocols enable a verifier to efficiently check the integrity of the outsourced data without downloading the data. A key research challenge associated with existing designs of data auditing protocols is the complexity in key management. In this paper, we seek to address the complex key management challenge in cloud data integrity checking by introducing fuzzy identity-based auditing-the first in such an approach, to the best of our knowledge. More specifically, we present the primitive of fuzzy identity-based data auditing, where a user’s identity can be viewed as a set of descriptive attributes. We formalize the system model and the security model for this new primitive. We then present a concrete construction of fuzzy identity-based auditing protocol by utilizing biometrics as the fuzzy identity. The new protocol offers the property of error-tolerance, namely, it binds private key to one identity which can be used to verify the correctness of a response generated with another identity, if and only if both identities are sufficiently close. We prove the security of our protocol based on the computational Diffie-Hellman assumption and the discrete logarithm assumption in the selective-ID security model. Finally, we develop a prototype implementation of the protocol which demonstrates the practicality of the proposal.This work is supported by the National Natural Science Foundation of China (61501333,61300213,61272436,61472083), the Fundamental Research Funds for the Central Universities under Grant ZYGX2015J05

Certificateless Public Auditing Protocol with Constant

To provide the integrity of outsourced data in the cloud storage services, many public auditing schemes which allow a user to check the integrity of the outsourced data have been proposed. Since most of the schemes are constructed on Public Key Infrastructure (PKI), they suffer from several concerns like management of certificates. To resolve the problems, certificateless public auditing schemes also have been studied in recent years. In this paper, we propose a certificateless public auditing scheme which has the constant-time verification algorithm. Therefore, our scheme is more efficient than previous certificateless public auditing schemes. To prove the security of our certificateless public auditing scheme, we first define three formal security models and prove the security of our scheme under the three security models

Provably secure identity based provable data possession

Provable Data Possession (PDP), which enables cloud users to verify the integrity of their outsourced data without retrieving the entire file from cloud servers, is highly essential in secure cloud storage. A majority of the existing PDP schemes rely on the expensive Public Key Infrastructure (PKI). In this paper, we eliminate the complex certificate management of PDP by presenting a generic construction of identitybased PDP (ID-PDP) protocol, derived from identity-based signatures (IBS) and traditional PDP protocols. We formalize the security model of ID-PDP and prove that the soundness of the generic construction depends on the security of the underlying PDP protocols and the IBS. Then, a concrete ID-PDP protocol is described as an instance of the generic construction to a state-of-the-art PDP protocol due to Shacham and Waters. The implementation shows that our ID-PDP protocol is efficient and practical