Lunzhi Deng, Shuai Feng, Tao Wang, Zhenyu Hu, S. Li
{"title":"Identity-Based Data Auditing Scheme With Provable Security in the Standard Model Suitable for Cloud Storage","authors":"Lunzhi Deng, Shuai Feng, Tao Wang, Zhenyu Hu, S. Li","doi":"10.1109/TDSC.2023.3336994","DOIUrl":null,"url":null,"abstract":"In a data auditing scheme, the data owner authorizes a third-party auditor (TPA) to check whether the data stored in the cloud remains intact. Researchers have given many data auditing schemes. However, there are still three significant shortcomings in these schemes. First of all, the security proofs of these schemes are completed in the random oracle model (ROM). As we all know, a scheme with provably security in ROM may be insecure in practical applications. Second, TPA in most known schemes is set to be completely reliable. However, TPA in reality may attempt to extract the data owner's data. These schemes cannot resist the malicious behavior of TPA. Third, most known schemes require hash-to-point operations and enjoy high computation cost, so they are not suitable for computing-constrained environments. In this article, we first presented the system model and security demands for an identity-based data auditing (IBDA) scheme. We then came up with a new IBDA scheme and showed the security proofs in the standard model (SM). Finally, we made an analysis on performance for seven data auditing schemes. In our scheme, the computation cost required by TPA is a constant, independent of the number of data blocks participating in the challenge. Therefore, our scheme requires low computation cost and is suitable for computing-constrained environments.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":null,"pages":null},"PeriodicalIF":7.0000,"publicationDate":"2024-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Dependable and Secure Computing","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/TDSC.2023.3336994","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0
Abstract
In a data auditing scheme, the data owner authorizes a third-party auditor (TPA) to check whether the data stored in the cloud remains intact. Researchers have given many data auditing schemes. However, there are still three significant shortcomings in these schemes. First of all, the security proofs of these schemes are completed in the random oracle model (ROM). As we all know, a scheme with provably security in ROM may be insecure in practical applications. Second, TPA in most known schemes is set to be completely reliable. However, TPA in reality may attempt to extract the data owner's data. These schemes cannot resist the malicious behavior of TPA. Third, most known schemes require hash-to-point operations and enjoy high computation cost, so they are not suitable for computing-constrained environments. In this article, we first presented the system model and security demands for an identity-based data auditing (IBDA) scheme. We then came up with a new IBDA scheme and showed the security proofs in the standard model (SM). Finally, we made an analysis on performance for seven data auditing schemes. In our scheme, the computation cost required by TPA is a constant, independent of the number of data blocks participating in the challenge. Therefore, our scheme requires low computation cost and is suitable for computing-constrained environments.
期刊介绍:
The "IEEE Transactions on Dependable and Secure Computing (TDSC)" is a prestigious journal that publishes high-quality, peer-reviewed research in the field of computer science, specifically targeting the development of dependable and secure computing systems and networks. This journal is dedicated to exploring the fundamental principles, methodologies, and mechanisms that enable the design, modeling, and evaluation of systems that meet the required levels of reliability, security, and performance.
The scope of TDSC includes research on measurement, modeling, and simulation techniques that contribute to the understanding and improvement of system performance under various constraints. It also covers the foundations necessary for the joint evaluation, verification, and design of systems that balance performance, security, and dependability.
By publishing archival research results, TDSC aims to provide a valuable resource for researchers, engineers, and practitioners working in the areas of cybersecurity, fault tolerance, and system reliability. The journal's focus on cutting-edge research ensures that it remains at the forefront of advancements in the field, promoting the development of technologies that are critical for the functioning of modern, complex systems.