Multi-Replica and Multi-Cloud Data Public Audit Scheme Based on Blockchain

Xiaodong Yang,Caifen Wang,Meiding Wang,Xizhen Pei,Ting Li

doi:10.1109/access.2020.3014510

Xiaodong Yang, Caifen Wang + Show 3 more

Open Access

https://doi.org/10.1109/access.2020.3014510

Copy DOI

Abstract

Cloud storage services provide convenient data storage services for individuals and enterprises. Data owners can remotely access and update outsourcing data. But there are still many security problems, such as data integrity. Although the public audit schemes allow users to authorize third-party auditors (TPA) to verify the integrity of cloud data, there are still a series of problems in the existing public audit schemes. First of all, most of the existing schemes are based on the traditional or identity public key infrastructure. There is a problem of certificate management or key escrow. And they do not support dynamic data update and user identity tracking for group users. Then, existing multi-replica data public audit schemes store all replicas on a cloud storage server. Once the cloud server fails, all replicas will be damaged. Finally, most existing schemes require TPA to be trusted. In practice, TPA may deviate from the public audit protocol or collude with cloud servers to deceive users. To solve these problems, we propose a certificateless multi-replica and multi-cloud data public audit scheme based on blockchain technology. In our scheme, the dynamic hash table and modification record table are introduced to achieve dynamic update of group user data and identity tracking. All replicas are stored in different cloud servers, and their integrity can be audited at the same time. In addition, we use the unpredictability of blocks in the blockchain to construct fair challenge information, thereby preventing malicious TPA and cloud servers from colluding to deceive users. Each audit result is written into the blockchain, which is convenient for users to audit the behavior of TPA. The analysis results show that our proposed scheme is secure in the random oracle model and has higher efficiency in communication and computation cost compared with similar schemes.

Highlights

In recent years, cloud computing as a new computing model has attracted people’s extensive attention [1]
Once the data is uploaded to the cloud server, the data owner loses the physical control over the data [3]
Due to the complexity of the cloud environment, the cloud server is vulnerable to attack from external adversaries and internal hardware or software failures, which may lead to data destruction or even loss [4]

Summary

INTRODUCTION

Cloud computing as a new computing model has attracted people’s extensive attention [1]. In order to reduce the overhead of verification, an irresponsible TPA may generate a good integrity report without performing any public audit or collude with the cloud server to verify only the complete data blocks to cheat users. TPA generates challenge information based on unpredictability nonce of the block, and writes the verification result of each time into the blockchain as a transaction. users regularly audit TPA behavior based on the data on blockchain This can resist the collusion attack of TPA and server, and ensure that TPA aduits the integrity of cloud data in a prescribed time. We design a multi-replica and multi-cloud public audit scheme based on certificateless cryptosystem, which avoids the problem of certificate management in PKI, and solves the key escrow problem in IBC.

RELATED WORK

BILINEAR MAPS

COMPLEXITY ASSUMPTION

SYSTEM MODEL AND SECURITY MODEL

SECURITY ANALYSIS

CONCLUSION