Outsourced dynamic provable data possession with batch update for secure cloud storage

摘要

With the advent of data outsourcing, how to efficiently verify the integrity of data stored at an untrusted cloud service provider (CSP) has become a significant problem in cloud storage. Provable data possession (PDP) is a model that allows clients or a trusted auditor to verify whether CSP possesses the outsourced data without downloading it. However, this model requires clients to tolerate non-negligible computation burden incurred by frequent verifications in private schemes, and does not provide any security assurances when client or/and auditor are dishonest. Therefore, it cannot be directly transformed into a secure outsourced auditing scheme, where any one of three participants (i.e., CSP, client and auditor) may be dishonest and any two participants may be colluded with each other. In this paper, we propose an outsourced dynamic provable data possession (ODPDP) scheme, which migrates frequent auditing task to an external auditor to reduce clients' verification overhead, and simultaneously provides log audit mechanism with lower computation burden for clients to prevent from dishonest auditor. In addition, we propose a batch update algorithm that can perform and verify multiple update operations at once, avoiding repetitive calculations and transmissions. Security analysis proves that our scheme is secure in the enhanced threat model, and experimental results show that our scheme achieves high efficiency in terms of computation time and communication cost compared with existing outsourced auditing schemes. (C) 2019 Elsevier B.V. All rights reserved.