Online/offline remote data auditing with strong key-exposure resilience for cloud storage

Abstract

Remote Data Auditing (RDA) with key-exposure resilience enables secure cloud data storage both earlier and later than the key exposure happens. However, most of existing solutions suffer from the security attack during the key-exposed time period, meaning the cloud server can still discard or tamper with the data owner’s files in the key-exposure period. While others require a secure channel for key update, which is unrealistic and expensive under key-exposure scenarios. In this paper, we construct an online/offline RDA framework with strong key-exposure resilience, called S-OORDA, which can resist strong key-exposure attacks and achieve the integrity verification for cloud data efficiently. Then based on the framework, we present a concrete S-OORDA scheme supporting the data owner’s secret key evolution without the secure channel. And the authenticators can be updated remotely at each time period, so as to prevent the attackers to forge the authenticators using the exposed auditing secret keys. Meanwhile, the data auditing process of the proposed scheme is divided to online and offline phases, greatly relieving the online computational burden of both the data owner and the third-party auditor. Security and performance analysis confirm that the proposed scheme meets the desired security and has the optimized efficiency.