With numerous applications in cloud storage, Proof of Retrievability (PoR) is an efficient solution for verification and retrieval of big data on a remote server. Existing PoR schemes support one of two mutually exclusive verification modes, private verifiability or public verifiability, depending on whether the outsourced data is verifiable by the data owner (user) only or by everyone. To allow the user to flexibly designate the capability of verification, we propose a novel framework for PoR schemes that enables fine-grained control of remote data verification for cloud storage. Our idea is to enable the user to dynamically release tokens (verification keys) to one or more third parties (designated verifiers), such that only the user and the designated verifiers can verify and retrieve the outsourced data from the server. We formalize this notion as PoR with Flexible Designated Verification (PoR-FDV), and define an extended adversarial model for PoR-FDV based on Juels et al.'s PoR model. Under the new framework, we propose a generic, simple and elegant construction of PoR-FDV from publicly verifiable PoR and identity-based KEM/DEM, which in turn yields a concrete and efficient PoR-FDV scheme. Compared to existing PoR schemes, PoR-FDV provides higher flexibility and scalability, as well as many useful features.