Abstract
As storage-outsourcing services and resource-sharing networks have become popular, the problem of efficiently proving the integrity of data stored at untrusted servers has received increased attention. In the Provable Data Possession (PDP) model, the client preprocesses the data and then sends them to an untrusted server for storage while keeping a small amount of meta-data. The client later asks the server to prove that the stored data have not been tampered with or deleted (without downloading the actual data). However, existing PDP schemes apply only to static (or append-only) files. We present a definitional framework and efficient constructions for Dynamic Provable Data Possession (DPDP), which extends the PDP model to support provable updates to stored data. We use a new version of authenticated dictionaries based on rank information. The price of dynamic updates is a performance change from O(1) to O(log n (or O(nεlog n)) for a file consisting of n blocks while maintaining the same (or better, respectively) probability of misbehavior detection. Our experiments show that this slowdown is very low in practice (e.g., 415KB proof size and 30ms computational overhead for a 1GB file). We also show how to apply our DPDP scheme to outsourced file systems and version control systems (e.g., CVS).
- Aris Anagnostopoulos, Michael T. Goodrich, and Roberto Tamassia. 2001. Persistent authenticated dictionaries and their applications. In Proceedings of the 4th International Conference on Information Security (ISC’01). Springer-Verlag, London, 379--393. Google Scholar
Digital Library
- Giuseppe Ateniese, Randal Burns, Reza Curtmola, Joseph Herring, Osama Khan, Lea Kissner, Zachary Peterson, and Dawn Song. 2011. Remote data checking using provable data possession. ACM Transactions on Information and System Security (TISSEC) 14, 1, Article 12 (June 2011), 12:1--12:34 pages. Google Scholar
Digital Library
- Giuseppe Ateniese, Roberto Di Pietro, Luigi V. Mancini, and Gene Tsudik. 2008. Scalable and efficient provable data possession. In Proceedings of the 4th International Conference on Security and Privacy in Communication Netowrks (SecureComm’08). ACM, New York, NY, Article 9, 9:1--9:10 pages. Google Scholar
Digital Library
- Giuseppe Ateniese, Michael T. Goodrich, Vassilios Lekakis, Charalampos Papamanthou, Evripidis Paraskevas, and Roberto Tamassia. 2014. Accountable Storage. Cryptology ePrint Archive, Report 2014/886. (2014).Google Scholar
- Giuseppe Ateniese, Seny Kamara, and Jonathan Katz. 2009. Proofs of storage from homomorphic identification protocols. In Proceedings of the International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT’09). 319--333. Google Scholar
Digital Library
- Yonatan Aumann and Yehuda Lindell. 2010. Security against covert adversaries: Efficient protocols for realistic adversaries. Journal of Cryptology 23 (2010), 281--343. Google Scholar
Digital Library
- M. Blum, W. Evans, P. Gemmell, S. Kannan, and M. Naor. 1994. Checking the correctness of memories. Algorithmica 12, 2 (1994), 225--244.Google Scholar
Digital Library
- Dan Boneh, Ben Lynn, and Hovav Shacham. 2001. Short signatures from the weil pairing. In Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’01). Springer-Verlag, London, 514--532. Google Scholar
Digital Library
- Kevin D. Bowers, Ari Juels, and Alina Oprea. 2009. HAIL: A high-availability and integrity layer for cloud storage. In Proceedings of the ACM International Conference on Computer and Communications Security (CCS’09). 187--198. Google Scholar
Digital Library
- David Cash, Alptekin Küpçü, and Daniel Wichs. 2013. Dynamic proofs of retrievability via oblivious RAM. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’13). 279--295.Google Scholar
Cross Ref
- Nishanth Chandran, Bhavana Kanukurthi, and Rafail Ostrovsky. 2014. Locally updatable and locally decodable codes. In TCC. Springer, 489--514.Google Scholar
- Bo Chen and Reza Curtmola. 2014. Auditable version control systems. In Proceedings of the ISOC 21st Annual Network and Distributed System Security Symposium (NDSS’14).Google Scholar
Cross Ref
- Dwaine E. Clarke, Srinivas Devadas, Marten van Dijk, Blaise Gassend, and G. Edward Suh. 2003. Incremental multiset hash functions and their application to memory integrity checking. In Proceedings of the 9th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT’03). 188--207.Google Scholar
- Reza Curtmola, Osama Khan, Randal Burns, and Giuseppe Ateniese. 2008. MR-PDP: Multiple-replica provable data possession. In Proceedings of the 28th International Conference on Distributed Computing Systems (ICDCS). IEEE Computer Society, Washington, DC, USA, 411--420. Google Scholar
Digital Library
- Yevgeniy Dodis, Salil Vadhan, and Daniel Wichs. 2009. Proofs of retrievability via hardness amplification. In Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography (TCC’09). Springer-Verlag, Berlin, 109--127. Google Scholar
Digital Library
- Cynthia Dwork, Moni Naor, Guy N. Rothblum, and Vinod Vaikuntanathan. 2009. How efficient can memory checking be? In Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography (TCC’09). Springer-Verlag, Berlin, 503--520. Google Scholar
Digital Library
- Chris Erway, Alptekin Küpçü, Charalampos Papamanthou, and Roberto Tamassia. 2009. Dynamic provable data possession. In Proceedings of the ACM International Conference on Computer and Communications Security (CCS’09). 213--222. Google Scholar
Digital Library
- Ertem Esiner, Adilet Kachkeev, Samuel Braunfeld, Alptekin Küpçü, and Öznur Özkasap. 2013. FlexDPDP: FlexList-based optimized dynamic provable data possession. Cryptology ePrint Archive, Report 2013/645 (2013).Google Scholar
- Ertem Esiner, Alptekin Küpçü, and Öznur Özkasap. 2014. Analysis and optimization on FlexDPDP: A practical solution for dynamic provable data possession. In Intelligent Cloud Computing (ICC’14).Google Scholar
- Mohammad Etemad and Alptekin Küpçü. 2013. Transparent, distributed, and replicated dynamic provable data possession. In Proceedings of the Applied Cryptography and Network Security Conference (ACNS’13). 1--18. Google Scholar
Digital Library
- Décio Luiz Gazzoni and Paulo Sérgio Licciardi Messeder Barreto. 2006. Demonstrating data possession and uncheatable data transfer. Cryptology ePrint Archive, Report 2006/150. (2006).Google Scholar
- Michael T. Goodrich, Charalampos Papamanthou, Roberto Tamassia, and Nikos Triandopoulos. 2008. Athos: Efficient authentication of outsourced file systems. In Proceedings of the 11th International Conference on Information Security (ISC’08). Springer-Verlag, 80--96. Google Scholar
Digital Library
- M. T. Goodrich, R. Tamassia, and A. Schwerin. 2001. Implementation of an authenticated dictionary with skip lists and commutative hashing. In Proceedings of the DARPA Information Survivability Conference & Exposition II (DISCEX’’01). 68--82.Google Scholar
- Ari Juels and Burton S. Kaliski. 2007. PORs: Proofs of retrievability for large files. In Proceedings of the ACM International Conference on Computer and Communications Security (CCS’07). 584--597. Google Scholar
Digital Library
- Adilet Kachkeev, Ertem Esiner, Alptekin Küpçü, and Öznur Özkasap. 2013. Energy efficiency in secure and dynamic cloud storage. In Energy Efficiency in Large Scale Distributed Systems, EE-LSDS. 125--130. Google Scholar
Digital Library
- Mahesh Kallahalla, Erik Riedel, Ram Swaminathan, Qian Wang, and Kevin Fu. 2003. Plutus: Scalable secure file sharing on untrusted storage. In Proceedings of the 2nd USENIX Conference on File and Storage Technologies (FAST’03). USENIX Association, Berkeley, CA, 29--42. Google Scholar
Digital Library
- Seny Kamara and Kristin Lauter. 2010. Cryptographic cloud storage. In Proceedings of the 14th International Conference on Financial Cryptograpy and Data Security (FC’10). Springer-Verlag, Berlin, Heidelberg, 136--149. Google Scholar
Digital Library
- John Kubiatowicz, David Bindel, Yan Chen, Steven Czerwinski, Patrick Eaton, Dennis Geels, Ramakrishan Gummadi, Sean Rhea, Hakim Weatherspoon, Westley Weimer, Chris Wells, and Ben Zhao. 2000. OceanStore: An architecture for global-scale persistent storage. ACM SIGPLAN Notices 35, 11 (2000), 190--201. Google Scholar
Digital Library
- Alptekin Küpçü. 2010a. Efficient Cryptography for the Next Generation Secure Cloud. Ph.D. Dissertation. Brown University.Google Scholar
- Alptekin Küpçü. 2010b. Efficient Cryptography for the Next Generation Secure Cloud: Protocols, Proofs, and Implementation. Lambert Academic Publishing.Google Scholar
- Alptekin Küpçü. 2013. Official arbitration with secure cloud storage application. Computer Journal (2013). DOI:http://dx.doi.org/10.1093/comjnl/bxt138Google Scholar
- Feifei Li, Marios Hadjieleftheriou, George Kollios, and Leonid Reyzin. 2006. Dynamic authenticated index structures for outsourced databases. In Proceedings of the 2006 ACM SIGMOD International Conference on Management of Data (SIGMOD’06). ACM, New York, NY, 121--132. Google Scholar
Digital Library
- Jinyuan Li, Maxwell Krohn, David Mazières, and Dennis Shasha. 2004. Secure untrusted data repository (SUNDR). In Proceedings of the 6th Conference on Symposium on Operating Systems Design & Implementation - Volume 6 (OSDI’’04). USENIX Association, Berkeley, CA. Google Scholar
Digital Library
- Umesh Maheshwari, Radek Vingralek, and William Shapiro. 2000. How to build a trusted database system on untrusted storage. In Proceedings of the 4th Conference on Symposium on Operating System Design & Implementation - Volume 4 (OSDI’’00). USENIX Association, Berkeley, CA, 10--26. Google Scholar
Digital Library
- R. C. Merkle. 1987. A digital signature based on a conventional encryption function. In Proceedings of the International Cryptology Conference (CRYPTO’87). 369--378. Google Scholar
Digital Library
- Gary L. Miller. 1975. Riemann’s hypothesis and tests for primality. In Proceedings of 7th Annual ACM Symposium on Theory of Computing (STOC’75). ACM, New York, NY, 234--239. Google Scholar
Digital Library
- Athicha Muthitacharoen, Robert Morris, Thomer M. Gil, and Benjie Chen. 2002. Ivy: A read/write peer-to-peer file system. In Proceedings of the 5th Symposium on Operating Systems Design and Implementation (OSDI’02). ACM, New York, NY, 31--44. Google Scholar
Digital Library
- Moni Naor and Kobbi Nissim. 1998. Certificate revocation and certificate update. In Proceedings of the 7th Conference on USENIX Security Symposium - Volume 7 (SSYM’98). USENIX Association, Berkeley, CA. Google Scholar
Digital Library
- Moni Naor and Guy N. Rothblum. 2005. The complexity of online memory checking. In Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS’05). IEEE Computer Society, Washington, DC, 573--584. Google Scholar
Digital Library
- A. Oprea, M. K. Reiter, and K. Yang. 2005. Space-efficient block storage integrity. In NDSS.Google Scholar
- Charalampos Papamanthou and Roberto Tamassia. 2007. Time and space efficient algorithms for two-party authenticated data structures. In Proceedings of the 9th International Conference on Information and Communications Security (ICICS’07). Springer-Verlag, Berlin, 1--15. Google Scholar
Digital Library
- Charalampos Papamanthou, Roberto Tamassia, and Nikos Triandopoulos. 2008. Authenticated hash tables. In Proceedings of the 15th ACM Conference on Computer and Communications Security (CCS’08). ACM, New York, NY, 437--448. Google Scholar
Digital Library
- William Pugh. 1990. Skip lists: A probabilistic alternative to balanced trees. Communications of the ACM 33, 6 (June 1990), 668--676. Google Scholar
Digital Library
- I. Reed and G. Solomon. 1960. Polynomial codes over certain finite fields. Journal of SIAM 8 (1960), 300--304.Google Scholar
- Thomas S. J. Schwarz and Ethan L. Miller. 2006. Store, forget, and check: Using algebraic signatures to check remotely administered storage. In Proceedings of the 26th IEEE International Conference on Distributed Computing Systems (ICDCS’06). IEEE Computer Society, Washington, DC, USA. Google Scholar
Digital Library
- F. Sebe, A. Martinez-Balleste, Y. Deswarte, J. Domingo-Ferre, and J.-J. Quisquater. 2004. Time-bounded remote file integrity checking. Technical Report 04429, LAAS. (July 2004).Google Scholar
- Hovav Shacham and Brent Waters. 2013. Compact proofs of retrievability. Journal of Cryptology 26, 3 (2013), 442--483. DOI:http://dx.doi.org/10.1007/s00145-012-9129-2 Google Scholar
Digital Library
- Mehul A. Shah, Ram Swaminathan, and Mary Baker. 2008. Privacy-Preserving Audit and Extraction of Digital Contents. Technical Report. HP Labs Technical Report No. HPL-2008-32.Google Scholar
- Elaine Shi, Emil Stefanov, and Charalampos Papamanthou. 2013. Practical dynamic proofs of retrievability. In Proceedings of the ACM International Conference on Computer and Communications Security (CCS’13). 325--336. Google Scholar
Digital Library
- Emil Stefanov, Marten van Dijk, Ari Juels, and Alina Oprea. 2012. Iris: A scalable cloud file system with efficient integrity checks. In Proceedings of the 28th Annual Computer Security Applications Conference (ACSAC’12). ACM, New York, NY, 229--238. Google Scholar
Digital Library
- Roberto Tamassia. 2003. Authenticated data structures. In Proceedings of the European Symposium on Algorithms (ESA’03). 2--5.Google Scholar
Cross Ref
- Roberto Tamassia and Nikos Triandopoulos. 2005. Computational bounds on hierarchical data processing with applications to information security. In Proceedings of the 32nd International Conference on Automata, Languages and Programming (ICALP’05). Springer-Verlag, Berlin, 153--165. Google Scholar
Digital Library
- Cong Wang, Qian Wang, Kui Ren, and Wenjing Lou. 2010. Privacy-preserving public auditing for data storage security in cloud computing. In Proceedings of the 29th Conference on Information Communications (INFOCOM’10). IEEE Press, Piscataway, NJ, 525--533. Google Scholar
Digital Library
- Qian Wang, Cong Wang, Jin Li, Kui Ren, and Wenjing Lou. 2009. Enabling public veriability and data dynamics for storage security in cloud computing. In Proceedings of the European Symposium on Research in Computer Security (ESORICS’09). 355--370. Google Scholar
Digital Library
- Qingji Zheng and Shouhuai Xu. 2011. Fair and dynamic proofs of retrievability. In Proceedings of the 1st ACM Conference on Data and Application Security and Privacy (CODASPY’11). ACM, New York, NY, 237--248. Google Scholar
Digital Library
Index Terms
Dynamic Provable Data Possession
Recommendations
Dynamic provable data possession
CCS '09: Proceedings of the 16th ACM conference on Computer and communications securityWe consider the problem of efficiently proving the integrity of data stored at untrusted servers. In the provable data possession (PDP) model, the client preprocesses the data and then sends it to an untrusted server for storage, while keeping a small ...
Scalable and efficient provable data possession
SecureComm '08: Proceedings of the 4th international conference on Security and privacy in communication netowrksStorage outsourcing is a rising trend which prompts a number of interesting security issues, many of which have been extensively investigated in the past. However, Provable Data Possession (PDP) is a topic that has only recently appeared in the research ...
Identity-based provable data possession revisited
Provable Data Possession (PDP), which enables cloud users to verify the data integrity without retrieving the entire file, is highly essential for cloud storage. Observing all the existing PDP schemes rely on the Public Key Infrastructure (PKI), Wang ...






Comments