Protocol For Outsourcing Of Modular Exponentiations And Data Integrity Verification In Cloud Computing

Cloud computing has emerged as a new computational paradigm, in which paradigm, cloud servers have infinite storage resources and provide powerful computing services. Individuals and companies with limited resource can enjoy the on-demand and high quality data computing and storage services through the Internet. However, it brings about many new security challenges. This dissertation considers the design of secure outsourcing computations problems for modular exponentiations and data integrity verification in cloud storage. This dissertation contains the main contributions as follows.1. This paper presents two outsourcing protocols to compute modular exponentiations. Nowadays, the widely-used public-key cryptosystems based on the integer factorization and the discrete logarithm problems in finite fields usually involves the costly modular exponentiations. We propose two outsourcing protocols in the cloud computing paradigm. In both protocols, a subroutine named Rand is utilized to randomly output an exponentiation and the corresponding modular exponentiation. The first protocol is established under the two non-collusive cloud servers model. It is shown that the first protocol can achieve the input/output privacy. Simultaneously, the protocol also satisfies the security goal of result verifiability, that is, the user can detect the cloud servers' misbehavior with a probability of 100%. The second protocol is based on the single cloud server model, and hence removes security non-collusive assumption in the first protocol. The second protocol also can achieve the input and output privacy security goals. It is also demonstrated that the user can detect the cloud server's misbehavior with a probability of 2/3.2. This paper provides an improvement on a secure cloud storage outsourcing scheme based on algebraic signature. In cloud storage outsourcing schemes, the users do not store outsourced data locally, and the cloud servers only provide storage and query services. Hence, the user cannot directly monitor and verify the integrity and correctness of the cloud data. At first, we impose a cryptanalytic attack on the Chen's protocol, and point out that it is vulnerable to replay attack launched by the cloud server. Secondly, we fix the security flaws by providing an improved scheme without sacrificing the efficiency of the original construction. Compared with other schemes, the improvement is secure, efficient, and practical.