
Research On Provable Data Integrity In Cloud Storage Environment

Posted on: 2015-04-13
Degree: Doctor
Type: Dissertation
Country: China
Candidate: S Tan
Full Text: PDF
GTID: 1108330509961069
Subject: Computer Science and Technology
Abstract/Summary:
With the rapid development of cloud storage techniques, more and more users choose to store their data and applications in the cloud, so as to save local physical resources and simplify data management. As users no longer physically store their data in local memory, traditional cryptographic primitives for data integrity protection cannot be directly adopted. Thus, how to verify the integrity of cloud data is a challenging problem. Provable data integrity in cloud storage allows the verifier (the user or a third party) to check data integrity without accessing the original data, which is an important means of keeping cloud data correct and available. However, the main existing protocols and schemes focus only on simple storage services, i.e., data backup, and ignore the diverse needs of users, so they struggle to meet the needs of increasingly rich cloud storage applications. The main contributions of this dissertation are as follows:

(1) A provable data integrity approach with robust recoverability

The sentinel-based verification method has the advantages of simple operations and high efficiency, but its weak data recovery capability and high communication overhead hinder its deployment in the cloud. Thus, a provable data integrity approach with robust recoverability (PDI-RR) is proposed for checking the integrity of data in the cloud. This approach randomly selects a number of different data blocks to compute each sentinel, rather than specifying one data block from one position. So, we can not only verify data integrity at multiple locations with one sentinel, but also recover from some failures where errors occur. Finally, the security analysis shows that PDI-RR is a secure authentication method. Compared to several existing works, PDI-RR has better storage and communication costs.

(2) An efficient provable data integrity approach supporting data dynamics

Because they introduce block indices, existing works cannot effectively support dynamic data operations. Thus, a skip-list based provable data integrity approach (SL-DPDI) is proposed to support dynamic operations at the block level. SL-DPDI effectively combines the BLS signature with a dynamic structure, the skip list, to ensure the integrity of the data in the cloud. Concretely, SL-DPDI uses the skip list to ensure the correctness of the location of a data block, and uses the BLS signature to check the integrity of the content of a data block. Finally, security analysis and performance evaluation results show that SL-DPDI can not only effectively support data dynamics, but also greatly reduce the user's burden in the initialization phase.

(3) Identity-based provable data integrity approach

In order to alleviate the burden on the user, the majority of existing works allow users to specify any trusted third party (TPA) to verify the integrity of data on their behalf. But before the TPA executes the auditing task, it needs to contact the certificate authority (CA) to verify the legality of the users' identity, which results in a lot of communication overhead and a heavy key management burden. Thus, an identity-based provable data integrity approach (NaEPACS) is proposed. With the proposed mechanism, the TPA not only verifies the integrity of outsourced data on behalf of cloud users, but also alleviates the burden of checking tasks with the help of the users' identity. Compared to previous research work, the proposed scheme greatly reduces the auditing time of a single task at the TPA side. Besides, security analysis and performance evaluation results show the high efficiency and security of the proposed scheme.

(4) Lattice-based provable data integrity approach

The security models of most existing works are based on traditional hard problems, i.e., Diffie Hellman Problem (DLP), Integer Factorization Problem (IFP). However, those hard problems are unsafe under a quantum computer, so a lattice-based provable data integrity approach (LB-PDI) is proposed. LB-PDI utilizes a lattice-based homomorphic signature, which allows the verifier to check the integrity of data without retrieving the original data from the cloud. Lastly, we analyze the security of our new scheme, and the analysis shows that no adversary can pass our scheme with a forged proof; otherwise, he could solve the small integer solution problem (SISP), which resists cryptanalysis by quantum algorithms.
Keywords/Search Tags: Cloud Storage, provable data integrity, dynamics update, identity-based verification, lattice-based verification