Skip to main content
SpringerLink
Log in

Improvement of a Remote Data Possession Checking Protocol from Algebraic Signatures

  • Conference paper
Information Security Practice and Experience (ISPEC 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8434))

Abstract

Cloud storage allows cloud users to enjoy the on-demand and high quality data storage services without the burden of local data storage and maintenance. However, the cloud servers are not necessarily fully trusted. As a consequence, whether the data stored on the cloud are intact becomes a major concern. To solve this challenging problem, recently, Chen proposed a remote data possession checking (RDPC) protocol using algebraic signatures. It achieves many desirable features such as high efficiency, small challenges and responses, non-block verification. In this paper, we find that the protocol is vulnerable to replay attack and deletion attack launched by a dishonest server. Specifically, the server can either fool the user to believe that the data is well maintained but actually only a proof of the challenge is stored, or can generate a valid response in the integrity checking process after deleting the entire file of the user. We then propose an improved scheme to fix the security flaws of the original protocol without losing the desirable features of the original protocol.

This work is supported by the NSFC of China under Grants 61003232, 61370203, 61202450, the National Research Foundation for the Doctoral Program of Higher Education of China under Grants 20100185120012, 20123503120001, the NSFC of China for International Young Scientists under Grant 61250110543, Department of Education, Fujian Province, A-Class Project under Grant JA12076, and the Fundamental Research Funds for the Central Universities under Grant ZYGX2011J067.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Buyyaa, R., Yeoa, C., Broberga, J., Brandicc, I.: Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility. Future Generation Computer Systems 25(6), 599–616 (2009)

    Article  Google Scholar 

  2. Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Generation Computer Systems 28(3), 583–592 (2012)

    Article  Google Scholar 

  3. Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.: Provable data possession at untrusted stores. In: Proceeding of ACM CCS 2007, Alexandria, Virginia, USA, pp. 598–609. ACM (2007)

    Google Scholar 

  4. Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Security 14(1), 12 (2011)

    Article  Google Scholar 

  5. Juels, A., Kaliski, B.S.: PORs: proofs of retrievability for large files. In: Proceeding of ACM CCS 2007, Alexandria, Virginia, USA, pp. 584–597. ACM (2007)

    Google Scholar 

  6. Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  7. Shacham, H., Waters, B.: Compact proofs of retrievability. Journal of Cryptology 26(3), 442–483 (2013)

    Article  MATH  MathSciNet  Google Scholar 

  8. Ateniese, G., Kamara, S., Katz, J.: Proofs of storage from homomorphic identification protocols. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 319–333. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  9. Wang, Q., Wang, C., Li, J., Ren, K., Lou, W.: Enabling public verifiability and data dynamics for storage security in cloud computing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 355–370. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  10. Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2012)

    Article  Google Scholar 

  11. Wang, C., Ren, K., Lou, W., Li, J.: Toward public auditable secure cloud data storage services. IEEE Network 24(4), 19–24 (2010)

    Article  Google Scholar 

  12. Zhu, Y., Hu, H., Ahn, G.J., Stephen, S.: Yau: efficient audit service outsourcing for data integrity in clouds. Journal of Systems and Software 85(5), 1083–1095 (2012)

    Article  Google Scholar 

  13. Zhu, Y., Hu, H., Ahn, G.J., Yu, M.: Cooperative provable data possession for integrity verification in multicloud storage. IEEE Trans. Parallel Distrib. Syst. 23(12), 2231–2244 (2012)

    Article  Google Scholar 

  14. Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)

    Article  Google Scholar 

  15. Zhu, Y., Wang, S.B., Hu, H., Ahn, G.J., Ma, D.: Secure collaborative integrity verification for hybrid cloud environments. Int. J. Cooperative Inf. Syst. 21(3), 165–198 (2012)

    Article  Google Scholar 

  16. Wang, C., Chow, S.S.M., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Computers 62(2), 362–375 (2013)

    Article  MathSciNet  Google Scholar 

  17. Curtmola, R., Khan, O., Burns, R.: Robust remote data checking. In: Proceeding of Storage SS 2008, Fairfax, Virginia, USA, pp. 63–68. ACM (2008)

    Google Scholar 

  18. Bowers, K.D., Juels, A., Oprea, A.: Proofs of retrievability: theory and implementation. In: Proceeding of CCSW 2009, Chicago, Illinois, USA, pp. 43–54. ACM (2009)

    Google Scholar 

  19. Dodis, Y., Vadhan, S., Wichs, D.: Proofs of retrievability via hardness amplification. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 109–127. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  20. Chen, L.: Using algebraic signatures to check data possession in cloud storage. Future Generation Computer Systems 29(7), 1709–1715 (2013)

    Article  Google Scholar 

  21. Schwarz, T., Miller, E.: Store, forget, and check: using algebraic signatures to check remotely administered storage. In: Proceeding of ICDCS 2006, Lisbon, Portugal, p. 12. IEEE Computer Society (2006)

    Google Scholar 

  22. Ni, J., Yu, Y., Mu, Y., Xia, Q.: On the security of an efficient dynamic auditing protocol in cloud storage. IEEE Transactions on Parallel and Distributed Systems (2013), doi:10.1109/TPDS.2013.199

    Google Scholar 

  23. Erway, C., Kupcu, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceeding of ACM CC 2009, Hyatt Regency Chicago, Chicago, IL, USA, pp. 213–222. ACM (2009)

    Google Scholar 

  24. Ateniese, G., Pietro, R.D., Mancini, L.V., Tsudik, G.: Scalable and efficient provable data possession. In: Proceeding of SecureComm 2008, Stanbul, Turkey, pp. 1–10. IEEE Computer Society (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, 611731, China

    Yong Yu, Jianbing Ni & Qi Xia

  2. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, 100093, China

    Yong Yu

  3. Department of Electrical and Computer Engineering, Michigan State University, MI, 4882, USA

    Jian Ren

  4. School of Mathematics and Computer Science, Fujian Normal University, Fuzhou, 350007, China

    Wei Wu & Lanxiang Chen

Authors
  1. Yong Yu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jianbing Ni
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jian Ren
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Wei Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Lanxiang Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Qi Xia
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Mathematics and Computer Science, Fujian Normal University, No. 32 Shangsan Road, 350007, Fuzhou, China

    Xinyi Huang

  2. Infocom Security Department, Institute for Infocomm Research, 1 Fusionopolis Way, #21-01 Connexis, South Tower, 138632, Singapore, Singapore

    Jianying Zhou

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Yu, Y., Ni, J., Ren, J., Wu, W., Chen, L., Xia, Q. (2014). Improvement of a Remote Data Possession Checking Protocol from Algebraic Signatures. In: Huang, X., Zhou, J. (eds) Information Security Practice and Experience. ISPEC 2014. Lecture Notes in Computer Science, vol 8434. Springer, Cham. https://doi.org/10.1007/978-3-319-06320-1_27

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-06320-1_27

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-06319-5

  • Online ISBN: 978-3-319-06320-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation