Conditional Anonymous Certificateless Public Auditing Scheme Supporting Data Dynamics for Cloud Storage Systems

Abstract

Cloud computing provides users with convenient data storage services, which simultaneously poses various security concerns, the integrity of outsourced data has been termed as one of the most concerning security issues. Certificateless public auditing not only enables a third-party auditor (TPA) to check data integrity, but also avoids complex certificates management and inherent drawbacks of key escrow. Up to date, a few certificateless public auditing schemes have been proposed, without providing fast data dynamics or protecting the identity privacy of users. In this paper, we propose a lightweight conditional anonymous certificateless public auditing (CACPA) scheme, supporting much faster data dynamics in cloud storage systems. Based on a homomorphic hash function, we design a certificateless signature and integrate it into the construction of CACPA, reducing the computational costs of TPA substantially. CACPA achieves conditional identity privacy preservation, anyone cannot infer the real identity of a user based on outsourced data, only the private key generator (PKG) can revoke the users when some misbehaviors occur. We provide security analysis of CACPA, and conduct performance evaluation demonstrating the lightweight advantages of CACPA, and therefore it is suitable for auditors with resource-constrained mobile devices.