Improved cloud storage auditing scheme with deduplication

Jindan Zhang; Urszula Ogiela; David Taniar; Nadia Nedjah; Jindan Zhang; Urszula Ogiela; David Taniar; Nadia Nedjah

doi:10.3934/mbe.2023342

Mathematical Biosciences and Engineering

2023, Volume 20, Issue 5: 7905-7921. doi: 10.3934/mbe.2023342

Previous Article Next Article

Research article Special Issues

Improved cloud storage auditing scheme with deduplication

1.
Xianyang Vocational & Technical College, Xianyang, Shaanxi, China
2.
AGH University of Science and Technology, Institute of Computer Science, Krakow, Poland
3.
Faculty of Information Technology, Monash University, Australia
4.
Department of Electronics Engineering and Telecommunications of the Engineering Faculty, State University of Rio de Janeiro, Rio de Janeiro, Brazil

Received: 01 November 2022 Revised: 22 January 2023 Accepted: 06 February 2023 Published: 22 February 2023

Cloud storage has become a crucial service for many users who deal with big data. The auditing scheme for cloud storage is a mechanism that checks the integrity of outsourced data. Cloud storage deduplication is a technique that helps cloud service providers save on storage costs by storing only one copy of a file when multiple users outsource the same file to cloud servers. However, combining storage auditing and deduplication techniques can be challenging. To address this challenge, in 2019 Hou et al. proposed a cloud storage auditing scheme with deduplication that supports different security levels of data popularity. This proposal is interesting and has practical applications. However, in this paper, we show that their proposal has a flaw: the cloud or other adversaries can easily forge the data block's authenticators, which means the cloud can delete all the outsourced encrypted data blocks but still provide correct storage proof for the third-party auditor. Based on Hou et al.'s scheme, we propose an improved cloud storage auditing scheme with deduplication and analyze its security. The results show that the proposed scheme is more secure.
- cloud storage,
- cloud audit,
- attack,
- deduplication,
- integrity
Citation: Jindan Zhang, Urszula Ogiela, David Taniar, Nadia Nedjah. Improved cloud storage auditing scheme with deduplication[J]. Mathematical Biosciences and Engineering, 2023, 20(5): 7905-7921. doi: 10.3934/mbe.2023342

Related Papers:

Abstract

Cloud storage has become a crucial service for many users who deal with big data. The auditing scheme for cloud storage is a mechanism that checks the integrity of outsourced data. Cloud storage deduplication is a technique that helps cloud service providers save on storage costs by storing only one copy of a file when multiple users outsource the same file to cloud servers. However, combining storage auditing and deduplication techniques can be challenging. To address this challenge, in 2019 Hou et al. proposed a cloud storage auditing scheme with deduplication that supports different security levels of data popularity. This proposal is interesting and has practical applications. However, in this paper, we show that their proposal has a flaw: the cloud or other adversaries can easily forge the data block's authenticators, which means the cloud can delete all the outsourced encrypted data blocks but still provide correct storage proof for the third-party auditor. Based on Hou et al.'s scheme, we propose an improved cloud storage auditing scheme with deduplication and analyze its security. The results show that the proposed scheme is more secure.

References

[1]	J. Nowaková, M. Pokorný, Intelligent controller design by the artificial intelligence methods, Sensors, 20 (2020), 4454. https://doi.org/10.3390/s20164454 doi: 10.3390/s20164454
[2]	M. Pawlicki, R. Kozik, M. Choras, A survey on neural networks for (cyber-) security and (cyber-) security of neural networks, Neurocomputing, 500 (2022), 1075–1087. https://doi.org/10.1016/j.neucom.2022.06.002 doi: 10.1016/j.neucom.2022.06.002
[3]	H. Xu, M. Guo, N. Nedjah, J. Zhang, P. Li, Vehicle and Pedestrian Detection Algorithm Based on Lightweight YOLOv3-Promote and Semi-Precision Acceleration, IEEE Trans. Intell. Transp. Syst., 23 (2022), 19760–19771. https://doi.org/10.1109/TITS.2021.3137253 doi: 10.1109/TITS.2021.3137253
[4]	B. Furht, A. Escalante, Handbook of Cloud Computing, Springer, 2010. https://doi.org/10.1007/978-1-4419-6524-0
[5]	G. Fenza, V. Loia, G. Nota, Patterns for visual management in industry 4.0, Sensors, 21 (2021), 6440. https://doi.org/10.3390/s21196440 doi: 10.3390/s21196440
[6]	M. Hasal, J. Nowaková, K. A. Saghair, H. M. Dahwa Abdulla, Václav Snásel, Lidia Ogiela, Chatbots: Security, privacy, data protection, and social aspects. Concurr. Comput. Pract. Exp., 33 (2021). https://doi.org/10.1002/cpe.6426
[7]	N. Capuano, G. Fenza, V. Loia, C. Stanzione, Explainable artificial intelligence in cybersecurity: {A} survey. IEEE Access, 10 (2022), 93575–93600. https://doi.org/10.1109/ACCESS.2022.3204171
[8]	M. Choras, M. Wozniak, The double-edged sword of AI: ethical adversarial attacks to counter artificial intelligence for crime, AI Ethics, 3 (2022), 631–634. https://doi.org/10.1007/s43681-021-00113-9
[9]	V. Snásel, J. Nowaková, F. Xhafa, L. Barolli, Geometrical and topological approaches to big data, Future Gener. Comput. Syst., 67 (2017), 286–296. https://doi.org/10.1016/j.future.2016.06.005 doi: 10.1016/j.future.2016.06.005
[10]	H. Hou, J. Yu, R. Hao, Cloud storage auditing with deduplication supporting different security levels according to data popularity, J. Network Comput. Appl., 134 (2019), 26–39. https://doi.org/10.1016/j.jnca.2019.02.015 doi: 10.1016/j.jnca.2019.02.015
[11]	G. Asharov, G. Segev, I. Shahaf, Tight tradeoffs in searchable symmetric encryption, LNCS, Springer, Heidelberg, 2018, 407–436. https://doi.org/10.1007/978-3-319-96884-1_14
[12]	R. Cheng, J. Yan, C. Guan, F. Zhang, K. Ren, Verifiable searchable symmetric encryption from indistinguishability obfuscation. In Feng Bao, Steven Miller, Jianying Zhou, Gail-Joon Ahn, ASIACCS 15, ACM Press, 2015, 621–626. https://doi.org/10.1145/2714576.2714623
[13]	R. Curtmola, J. A. Garay, S. Kamara, R. Ostrovsky, Searchable symmetric encryption: improved definitions and efficient constructions, In Ari Juels, Rebecca N. Wright, Sabrina De Capitani di Vimercati, ACM CCS 06, ACM Press, 2006, 79–88. https://doi.org/10.1145/1180405.1180417
[14]	S. Kamara, C. Papamanthou, T. Roeder, Dynamic searchable symmetric encryption. In Ting Yu, George Danezis, Virgil D. Gligor, ACM CCS 12, ACM Press, October 2012, 965–976. https://doi.org/10.1145/2382196.2382298
[15]	K. Lee, S. G. Choi, D. H. Lee, J. H. Park, M. Yung, Self-updatable encryption: Time constrained access control with hidden attributes and better efficiency, In Kazue Sako, Palash Sarkar, ASIACRYPT 2013, Part I, volume 8269 of LNCS, Springer, Heidelberg, 2013, 235–254. https://doi.org/10.1007/978-3-642-32009-5_13
[16]	A. Sahai, H. Seyalioglu, B. Waters, Dynamic credentials and ciphertext delegation for attribute-based encryption, In Reihaneh Safavi-Naini, Ran Canetti, CRYPTO 2012, volume 7417 of LNCS, Springer, Heidelberg, 2012, 199–217. https://doi.org/10.1007/978-3-642-32009-5_13
[17]	M. Bellare, S. Keelveedhi, T. Ristenpart, Message-locked encryption and secure deduplication, In Thomas Johansson, Phong Q. Nguyen, EUROCRYPT 2013, volume 7881 of LNCS, Springer, Heidelberg, 2013, 296–312. https://doi.org/10.1007/978-3-642-38348-9_18
[18]	M. Bellare, S. Keelveedhi, Interactive message-locked encryption and secure deduplication. In Jonathan Katz, PKC 2015, volume 9020 of LNCS, Springer, Heidelberg, 2015, 516–538. https://doi.org/10.1007/978-3-662-46447-2_23
[19]	G. Ateniese, K. Fu, M. Green, S. Hohenberger, Improved proxy re-encryption schemes with applications to secure distributed storage, In NDSS 2005, The Internet Society, February 2005.
[20]	G. Ateniese, R. C. Burns, R. Curtmola, J. Herring, L. Kissner, Z. N. J. Peterson, et al., Provable data possession at untrusted stores, In Peng Ning, Sabrina De Capitani di Vimercati, Paul F. Syverson, ACM CCS 07, ACM Press, 2007, 598–609. https://doi.org/10.1145/1315245.1315318
[21]	C. C. Erway, A. Kupccu, C. Papamanthou, R. Tamassia, Dynamic provable data possession, In Ehab Al-Shaer, Somesh Jha, Angelos D. Keromytis, ACM CCS 09, ACM Press, 2009, 213–222. https://doi.org/10.1145/1653662.1653688
[22]	A. Juels, B. S. Kaliski Jr., Pors: Proofs of retrievability for large files. In Peng Ning, Sabrina De Capitani di Vimercati, Paul F. Syverson, ACM CCS 07, ACM Press, 2007, 584–597. https://doi.org/10.1145/1315245.1315317
[23]	E. Shi, E. Stefanov, C. Papamanthou, Practical dynamic proofs of retrievability, In Ahmad-Reza Sadeghi, Virgil D. Gligor, Moti Yung, ACM CCS 13, ACM Press, 2013, 325–336. https://doi.org/10.1145/2508859.2516669
[24]	H. Shacham, B. Waters, Compact proofs of retrievability, In Josef Pieprzyk, ASIACRYPT 2008, volume 5350 of LNCS, Springer, Heidelberg, 2008, 90–107. https://doi.org/10.1007/978-3-540-89255-7_7
[25]	Q. Wang, C. Wang, J. Li, K. Ren, W. Lou, Enabling public verifiability and data dynamics for storage security in cloud computing, In ESORICS, volume 5789 of Lecture Notes in Computer Science, Springer, 2009, 355–370. https://doi.org/10.1007/978-3-642-04444-1_22
[26]	Q. Wang, C. Wang, K. Ren, W. Lou, J. Li, Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst., 22(5): 847–859, 2011. https://doi.org/10.1109/TPDS.2010.183
[27]	Y. Yu, L. Xue, M. H. Au, W. Susilo, J. Ni, Y. Zhang, et al., Cloud data integrity checking with an identity-based auditing mechanism from RSA, Future Generation Comp. Syst., 62 (2016), 85–91. https://doi.org/10.1016/j.future.2016.02.003 doi: 10.1016/j.future.2016.02.003
[28]	Y. Yu, M. H. Au, G. Ateniese, X. Huang, W. Susilo, Y. Dai, et al., Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage, IEEE Trans. Inf. Forens. Secur., 12 (2017), 767–778. 2017. https://doi.org/10.1109/TIFS.2016.2615853
[29]	Y. Yu, Y. Li, B. Yang, W. Susilo, G. Yang, J. Bai, Attribute-based cloud data integrity auditing for secure outsourced storage, IEEE Trans. Emerg. Top. Comput., 8 (2020), 377–390. https://doi.org/10.1109/TETC.2017.2759329
[30]	Y. Huang, Y. Yu, H. Li, Y. Li, A. Tian, Blockchain-based continuous data integrity checking protocol with zero-knowledge privacy protection, Digit. Commun. Networks, 8 (2022), 604–613. https://doi.org/10.1016/j.dcan.2022.04.017 doi: 10.1016/j.dcan.2022.04.017
[31]	J. Zhang, B. Wang, X. A. Wang, H. Wang, S. Xiao, New group user based privacy preserving cloud auditing protocol. Future Gener. Comput. Syst., 106 (2020), 585–594. https://doi.org/10.1016/j.future.2020.01.029
[32]	J. Zhang, B. Wang, M. R. Ogiela, X. A. Wang, A. K. Sangaiah, New public auditing protocol based on homomorphic tags for secure cloud storage, Concurr. Comput. Pract. Exp., 32 (2020). https://doi.org/10.1002/cpe.5600

Reader Comments

Your name:*

Email:*
© 2023 the Author(s), licensee AIMS Press. This is an open access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/4.0)