skip to main content
research-article

Dynamic Provable Data Possession

Published:24 April 2015Publication History
Skip Abstract Section

Abstract

As storage-outsourcing services and resource-sharing networks have become popular, the problem of efficiently proving the integrity of data stored at untrusted servers has received increased attention. In the Provable Data Possession (PDP) model, the client preprocesses the data and then sends them to an untrusted server for storage while keeping a small amount of meta-data. The client later asks the server to prove that the stored data have not been tampered with or deleted (without downloading the actual data). However, existing PDP schemes apply only to static (or append-only) files. We present a definitional framework and efficient constructions for Dynamic Provable Data Possession (DPDP), which extends the PDP model to support provable updates to stored data. We use a new version of authenticated dictionaries based on rank information. The price of dynamic updates is a performance change from O(1) to O(log n (or O(nεlog n)) for a file consisting of n blocks while maintaining the same (or better, respectively) probability of misbehavior detection. Our experiments show that this slowdown is very low in practice (e.g., 415KB proof size and 30ms computational overhead for a 1GB file). We also show how to apply our DPDP scheme to outsourced file systems and version control systems (e.g., CVS).

References

  1. Aris Anagnostopoulos, Michael T. Goodrich, and Roberto Tamassia. 2001. Persistent authenticated dictionaries and their applications. In Proceedings of the 4th International Conference on Information Security (ISC’01). Springer-Verlag, London, 379--393. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Osama Khan, Lea Kissner, Zachary Peterson, and Dawn Song. 2011. Remote data checking using provable data possession. ACM Transactions on Information and System Security (TISSEC) 14, 1, Article 12 (June 2011), 12:1--12:34 pages. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Giuseppe Ateniese, Roberto Di Pietro, Luigi V. Mancini, and Gene Tsudik. 2008. Scalable and efficient provable data possession. In Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks (SecureComm’08). ACM, New York, NY, Article 9, 9:1--9:10 pages. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Giuseppe Ateniese, Michael T. Goodrich, Vassilios Lekakis, Charalampos Papamanthou, Evripidis Paraskevas, and Roberto Tamassia. 2014. Accountable Storage. Cryptology ePrint Archive, Report 2014/886. (2014).Google ScholarGoogle Scholar
  5. Giuseppe Ateniese, Seny Kamara, and Jonathan Katz. 2009. Proofs of storage from homomorphic identification protocols. In Proceedings of the International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT’09). 319--333. Google ScholarGoogle ScholarDigital LibraryDigital Library
  6. Yonatan Aumann and Yehuda Lindell. 2010. Security against covert adversaries: Efficient protocols for realistic adversaries. Journal of Cryptology 23 (2010), 281--343. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. M. Blum, W. Evans, P. Gemmell, S. Kannan, and M. Naor. 1994. Checking the correctness of memories. Algorithmica 12, 2 (1994), 225--244.Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Dan Boneh, Ben Lynn, and Hovav Shacham. 2001. Short signatures from the weil pairing. In Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’01). Springer-Verlag, London, 514--532. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Kevin D. Bowers, Ari Juels, and Alina Oprea. 2009. HAIL: A high-availability and integrity layer for cloud storage. In Proceedings of the ACM International Conference on Computer and Communications Security (CCS’09). 187--198. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. David Cash, Alptekin Küpçü, and Daniel Wichs. 2013. Dynamic proofs of retrievability via oblivious RAM. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’13). 279--295.Google ScholarGoogle ScholarCross RefCross Ref
  11. Nishanth Chandran, Bhavana Kanukurthi, and Rafail Ostrovsky. 2014. Locally updatable and locally decodable codes. In TCC. Springer, 489--514.Google ScholarGoogle Scholar
  12. Bo Chen and Reza Curtmola. 2014. Auditable version control systems. In Proceedings of the ISOC 21st Annual Network and Distributed System Security Symposium (NDSS’14).Google ScholarGoogle ScholarCross RefCross Ref
  13. Dwaine E. Clarke, Srinivas Devadas, Marten van Dijk, Blaise Gassend, and G. Edward Suh. 2003. Incremental multiset hash functions and their application to memory integrity checking. In Proceedings of the 9th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’03). 188--207.Google ScholarGoogle Scholar
  14. Reza Curtmola, Osama Khan, Randal Burns, and Giuseppe Ateniese. 2008. MR-PDP: Multiple-replica provable data possession. In Proceedings of the 28th International Conference on Distributed Computing Systems (ICDCS). IEEE Computer Society, Washington, DC, USA, 411--420. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. Yevgeniy Dodis, Salil Vadhan, and Daniel Wichs. 2009. Proofs of retrievability via hardness amplification. In Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography (TCC’09). Springer-Verlag, Berlin, 109--127. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. Cynthia Dwork, Moni Naor, Guy N. Rothblum, and Vinod Vaikuntanathan. 2009. How efficient can memory checking be? In Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography (TCC’09). Springer-Verlag, Berlin, 503--520. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. Chris Erway, Alptekin Küpçü, Charalampos Papamanthou, and Roberto Tamassia. 2009. Dynamic provable data possession. In Proceedings of the ACM International Conference on Computer and Communications Security (CCS’09). 213--222. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. Ertem Esiner, Adilet Kachkeev, Samuel Braunfeld, Alptekin Küpçü, and Öznur Özkasap. 2013. FlexDPDP: FlexList-based optimized dynamic provable data possession. Cryptology ePrint Archive, Report 2013/645 (2013).Google ScholarGoogle Scholar
  19. Ertem Esiner, Alptekin Küpçü, and Öznur Özkasap. 2014. Analysis and optimization on FlexDPDP: A practical solution for dynamic provable data possession. In Intelligent Cloud Computing (ICC’14).Google ScholarGoogle Scholar
  20. Mohammad Etemad and Alptekin Küpçü. 2013. Transparent, distributed, and replicated dynamic provable data possession. In Proceedings of the Applied Cryptography and Network Security Conference (ACNS’13). 1--18. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. Décio Luiz Gazzoni and Paulo Sérgio Licciardi Messeder Barreto. 2006. Demonstrating data possession and uncheatable data transfer. Cryptology ePrint Archive, Report 2006/150. (2006).Google ScholarGoogle Scholar
  22. Michael T. Goodrich, Charalampos Papamanthou, Roberto Tamassia, and Nikos Triandopoulos. 2008. Athos: Efficient authentication of outsourced file systems. In Proceedings of the 11th International Conference on Information Security (ISC’08). Springer-Verlag, 80--96. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. M. T. Goodrich, R. Tamassia, and A. Schwerin. 2001. Implementation of an authenticated dictionary with skip lists and commutative hashing. In Proceedings of the DARPA Information Survivability Conference & Exposition II (DISCEX’’01). 68--82.Google ScholarGoogle Scholar
  24. Ari Juels and Burton S. Kaliski. 2007. PORs: Proofs of retrievability for large files. In Proceedings of the ACM International Conference on Computer and Communications Security (CCS’07). 584--597. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Adilet Kachkeev, Ertem Esiner, Alptekin Küpçü, and Öznur Özkasap. 2013. Energy efficiency in secure and dynamic cloud storage. In Energy Efficiency in Large Scale Distributed Systems, EE-LSDS. 125--130. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. Mahesh Kallahalla, Erik Riedel, Ram Swaminathan, Qian Wang, and Kevin Fu. 2003. Plutus: Scalable secure file sharing on untrusted storage. In Proceedings of the 2nd USENIX Conference on File and Storage Technologies (FAST’03). USENIX Association, Berkeley, CA, 29--42. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Seny Kamara and Kristin Lauter. 2010. Cryptographic cloud storage. In Proceedings of the 14th International Conference on Financial Cryptograpy and Data Security (FC’10). Springer-Verlag, Berlin, Heidelberg, 136--149. Google ScholarGoogle ScholarDigital LibraryDigital Library
  28. John Kubiatowicz, David Bindel, Yan Chen, Steven Czerwinski, Patrick Eaton, Dennis Geels, Ramakrishan Gummadi, Sean Rhea, Hakim Weatherspoon, Westley Weimer, Chris Wells, and Ben Zhao. 2000. OceanStore: An architecture for global-scale persistent storage. ACM SIGPLAN Notices 35, 11 (2000), 190--201. Google ScholarGoogle ScholarDigital LibraryDigital Library
  29. Alptekin Küpçü. 2010a. Efficient Cryptography for the Next Generation Secure Cloud. Ph.D. Dissertation. Brown University.Google ScholarGoogle Scholar
  30. Alptekin Küpçü. 2010b. Efficient Cryptography for the Next Generation Secure Cloud: Protocols, Proofs, and Implementation. Lambert Academic Publishing.Google ScholarGoogle Scholar
  31. Alptekin Küpçü. 2013. Official arbitration with secure cloud storage application. Computer Journal (2013). DOI:http://dx.doi.org/10.1093/comjnl/bxt138Google ScholarGoogle Scholar
  32. Feifei Li, Marios Hadjieleftheriou, George Kollios, and Leonid Reyzin. 2006. Dynamic authenticated index structures for outsourced databases. In Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data (SIGMOD’06). ACM, New York, NY, 121--132. Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Jinyuan Li, Maxwell Krohn, David Mazières, and Dennis Shasha. 2004. Secure untrusted data repository (SUNDR). In Proceedings of the 6th Conference on Symposium on Operating Systems Design & Implementation - Volume 6 (OSDI’’04). USENIX Association, Berkeley, CA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Umesh Maheshwari, Radek Vingralek, and William Shapiro. 2000. How to build a trusted database system on untrusted storage. In Proceedings of the 4th Conference on Symposium on Operating System Design & Implementation - Volume 4 (OSDI’’00). USENIX Association, Berkeley, CA, 10--26. Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. R. C. Merkle. 1987. A digital signature based on a conventional encryption function. In Proceedings of the International Cryptology Conference (CRYPTO’87). 369--378. Google ScholarGoogle ScholarDigital LibraryDigital Library
  36. Gary L. Miller. 1975. Riemann’s hypothesis and tests for primality. In Proceedings of 7th Annual ACM Symposium on Theory of Computing (STOC’75). ACM, New York, NY, 234--239. Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. Athicha Muthitacharoen, Robert Morris, Thomer M. Gil, and Benjie Chen. 2002. Ivy: A read/write peer-to-peer file system. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI’02). ACM, New York, NY, 31--44. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. Moni Naor and Kobbi Nissim. 1998. Certificate revocation and certificate update. In Proceedings of the 7th Conference on USENIX Security Symposium - Volume 7 (SSYM’98). USENIX Association, Berkeley, CA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. Moni Naor and Guy N. Rothblum. 2005. The complexity of online memory checking. In Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS’05). IEEE Computer Society, Washington, DC, 573--584. Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. A. Oprea, M. K. Reiter, and K. Yang. 2005. Space-efficient block storage integrity. In NDSS.Google ScholarGoogle Scholar
  41. Charalampos Papamanthou and Roberto Tamassia. 2007. Time and space efficient algorithms for two-party authenticated data structures. In Proceedings of the 9th International Conference on Information and Communications Security (ICICS’07). Springer-Verlag, Berlin, 1--15. Google ScholarGoogle ScholarDigital LibraryDigital Library
  42. Charalampos Papamanthou, Roberto Tamassia, and Nikos Triandopoulos. 2008. Authenticated hash tables. In Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS’08). ACM, New York, NY, 437--448. Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. William Pugh. 1990. Skip lists: A probabilistic alternative to balanced trees. Communications of the ACM 33, 6 (June 1990), 668--676. Google ScholarGoogle ScholarDigital LibraryDigital Library
  44. I. Reed and G. Solomon. 1960. Polynomial codes over certain finite fields. Journal of SIAM 8 (1960), 300--304.Google ScholarGoogle Scholar
  45. Thomas S. J. Schwarz and Ethan L. Miller. 2006. Store, forget, and check: Using algebraic signatures to check remotely administered storage. In Proceedings of the 26th IEEE International Conference on Distributed Computing Systems (ICDCS’06). IEEE Computer Society, Washington, DC, USA. Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. F. Sebe, A. Martinez-Balleste, Y. Deswarte, J. Domingo-Ferre, and J.-J. Quisquater. 2004. Time-bounded remote file integrity checking. Technical Report 04429, LAAS. (July 2004).Google ScholarGoogle Scholar
  47. Hovav Shacham and Brent Waters. 2013. Compact proofs of retrievability. Journal of Cryptology 26, 3 (2013), 442--483. DOI:http://dx.doi.org/10.1007/s00145-012-9129-2 Google ScholarGoogle ScholarDigital LibraryDigital Library
  48. Mehul A. Shah, Ram Swaminathan, and Mary Baker. 2008. Privacy-Preserving Audit and Extraction of Digital Contents. Technical Report. HP Labs Technical Report No. HPL-2008-32.Google ScholarGoogle Scholar
  49. Elaine Shi, Emil Stefanov, and Charalampos Papamanthou. 2013. Practical dynamic proofs of retrievability. In Proceedings of the ACM International Conference on Computer and Communications Security (CCS’13). 325--336. Google ScholarGoogle ScholarDigital LibraryDigital Library
  50. Emil Stefanov, Marten van Dijk, Ari Juels, and Alina Oprea. 2012. Iris: A scalable cloud file system with efficient integrity checks. In Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC’12). ACM, New York, NY, 229--238. Google ScholarGoogle ScholarDigital LibraryDigital Library
  51. Roberto Tamassia. 2003. Authenticated data structures. In Proceedings of the European Symposium on Algorithms (ESA’03). 2--5.Google ScholarGoogle ScholarCross RefCross Ref
  52. Roberto Tamassia and Nikos Triandopoulos. 2005. Computational bounds on hierarchical data processing with applications to information security. In Proceedings of the 32nd International Conference on Automata, Languages and Programming (ICALP’05). Springer-Verlag, Berlin, 153--165. Google ScholarGoogle ScholarDigital LibraryDigital Library
  53. Cong Wang, Qian Wang, Kui Ren, and Wenjing Lou. 2010. Privacy-preserving public auditing for data storage security in cloud computing. In Proceedings of the 29th Conference on Information Communications (INFOCOM’10). IEEE Press, Piscataway, NJ, 525--533. Google ScholarGoogle ScholarDigital LibraryDigital Library
  54. Qian Wang, Cong Wang, Jin Li, Kui Ren, and Wenjing Lou. 2009. Enabling public veriability and data dynamics for storage security in cloud computing. In Proceedings of the European Symposium on Research in Computer Security (ESORICS’09). 355--370. Google ScholarGoogle ScholarDigital LibraryDigital Library
  55. Qingji Zheng and Shouhuai Xu. 2011. Fair and dynamic proofs of retrievability. In Proceedings of the 1st ACM Conference on Data and Application Security and Privacy (CODASPY’11). ACM, New York, NY, 237--248. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Dynamic Provable Data Possession

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!