Chris Erway
Roberto Tamassia
ABSTRACT
We consider the problem of efficiently proving the integrity of data stored at untrusted servers. In the provable data possession (PDP) model, the client preprocesses the data and then sends it to an untrusted server for storage, while keeping a small amount of meta-data. The client later asks the server to prove that the stored data has not been tampered with or deleted (without downloading the actual data). However, the original PDP scheme applies only to static (or append-only) files.
We present a definitional framework and efficient constructions for dynamic provable data possession (DPDP), which extends the PDP model to support provable updates to stored data. We use a new version of authenticated dictionaries based on rank information. The price of dynamic updates is a performance change from O(1) to O(logn) (or O(nεlog n), for a file consisting of n blocks, while maintaining the same (or better, respectively) probability of misbehavior detection. Our experiments show that this slowdown is very low in practice (e.g. 415KB proof size and 30ms computational overhead for a 1GB file). We also show how to apply our DPDP scheme to outsourced file systems and version control systems (e.g. CVS).
- A. Anagnostopoulos, M. Goodrich, and R. Tamassia. Persistent authenticated dictionaries and their applications. In ISC, pp. 379--393, 2001. Google Scholar
Digital Library
- G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song. Provable data possession at untrusted stores. In CCS, pp. 598--609, 2007. Google ScholarDigital Library
- G. Ateniese, R. D. Pietro, L. V. Mancini, and G. Tsudik. Scalable and efficient provable data possession. In SecureComm, pp. 1--10, 2008. Google ScholarDigital Library
- GM. Blum, W. Evans, P. Gemmell, S. Kannan, and M. Naor. Checking the correctness of memories. Algorithmica, 12(2):225--244, 1994.Google ScholarDigital Library
- D. Boneh, B. Lynn, and H. Shacham. Short signatures from the weil pairing. In ASIACRYPT, pp. 514--532, 2001. Google ScholarDigital Library
- D. E. Clarke, S. Devadas, M. van Dijk, B. Gassend, and G. E. Suh. Incremental multiset hash functions and their application to memory integrity checking. In ASIACRYPT, pp. 188--207, 2003.Google ScholarCross Ref
- Y. Dodis, S. Vadhan, and D. Wichs. Proofs of retrievability via hardness amplification. In TCC, pp. 109--127, 2009. Google ScholarDigital Library
- C. Dwork, M. Naor, G. N. Rothblum, and V. Vaikuntanathan. How efficient can memory checking be? In TCC, pp. 503--520, 2009. Google ScholarDigital Library
- C. C. Erway, A. Küpçü, C. Papamanthou, and R. Tamassia. Dynamic provable data possession. Cryptology ePrint 2008/432. http://eprint.iacr.org/2008/432.pdf.Google Scholar
- D. L. Gazzoni and P. S. L. M. Barreto. Demonstrating data possession and uncheatable data transfer. Cryptology ePrint Archive, Report 2006/150, 2006.Google Scholar
- M. T. Goodrich, C. Papamanthou, R. Tamassia, and N. Triandopoulos. Athos: Efficient authentication of outsourced file systems. In ISC, pp. 80--96, 2008. Google ScholarDigital Library
- M. T. Goodrich, R. Tamassia, and A. Schwerin. Implementation of an authenticated dictionary with skip lists and commutative hashing. In DISCEX II, pp. 68--82, 2001.Google Scholar
- A. Juels and B. S. Kaliski. PORs: Proofs of retrievability for large files. In CCS, pp. 584--597, 2007. Google ScholarDigital Library
- M. Kallahalla, E. Riedel, R. Swaminathan, Q. Wang, and K. Fu. Plutus: Scalable secure file sharing on untrusted storage. In FAST, pp. 29--42, 2003. Google ScholarDigital Library
- J. Kubiatowicz, D. Bindel, Y. Chen, S. Czerwinski, P. Eaton, D. Geels, R. Gummadi, S. Rhea, H. Weatherspoon, W. Weimer, C. Wells, and B. Zhao. Oceanstore: an architecture for global-scale persistent storage. SIGPLAN Not., 35(11):190--201, 2000. Google ScholarDigital Library
- F. Li, M. Hadjieleftheriou, G. Kollios, and L. Reyzin. Dynamic authenticated index structures for outsourced databases. In SIGMOD, pp. 121--132, 2006. Google ScholarDigital Library
- J. Li, M. Krohn, D. Mazieres, and D. Shasha. Secure untrusted data repository (SUNDR). In OSDI, pp. 121--136, 2004. Google ScholarDigital Library
- U. Maheshwari, R. Vingralek, and W. Shapiro. How to build a trusted database system on untrusted storage. In OSDI, pp. 10--26, 2000. Google ScholarDigital Library
- A. Muthitacharoen, R. Morris, T. Gil, and B. Chen. Ivy: A read/write peer-to-peer file system. In OSDI, pp. 31--44, 2002. Google ScholarDigital Library
- M. Naor and K. Nissim. Certificate revocation and certificate update. In USENIX Security, pp. 17--17, 1998. Google ScholarDigital Library
- M. Naor and G. N. Rothblum. The complexity of online memory checking. J. ACM., 56(1):1--46, 2009. Google ScholarDigital Library
- A. Oprea, M. Reiter, and K. Yang. Space-efficient block storage integrity. In NDSS, pp. 17--28, 2005.Google Scholar
- J. Ousterhout. Tcl/tk. http://www.tcl.tk/.Google Scholar
- C. Papamanthou and R. Tamassia. Time and space efficient algorithms for two-party authenticated data structures. In ICICS, pp. 1--15, 2007. Google ScholarDigital Library
- C. Papamanthou, R. Tamassia, and N. Triandopoulos. Authenticated hash tables. In CCS, pp. 437--448, 2008. Google ScholarDigital Library
- W. Pugh. Skip lists: A probabilistic alternative to balanced trees. Commun. ACM, 33(6):668--676, 1990. Google ScholarDigital Library
- Samba. Samba.org CVS repository. http://cvs.samba.org/cgi-bin/cvsweb/.Google Scholar
- T. Schwarz and E. Miller. Store, forget, and check: Using algebraic signatures to check remotely administered storage. In ICDCS, pp. 12, 2006. Google ScholarDigital Library
- F. Sebe, A. Martinez-Balleste, Y. Deswarte, J. Domingo-Ferre, and J.-J. Quisquater. Time-bounded remote file integrity checking. Technical Report 04429, LAAS, July 2004.Google Scholar
- H. Shacham and B. Waters. Compact proofs of retrievability. In ASIACRYPT, pp. 90--107, 2008. Google ScholarDigital Library
- R. Tamassia. Authenticated data structures. In ESA, pp. 2--5, 2003.Google ScholarCross Ref
- R. Tamassia and N. Triandopoulos. Computational bounds on hierarchical data processing with applications to information security. In ICALP, pp. 153--165, 2005. Google ScholarDigital Library
Index Terms
- Dynamic provable data possession
Recommendations
Dynamic Provable Data Possession
As storage-outsourcing services and resource-sharing networks have become popular, the problem of efficiently proving the integrity of data stored at untrusted servers has received increased attention. In the Provable Data Possession (PDP) model, the ...
Remote data checking using provable data possession
We introduce a model for provable data possession (PDP) that can be used for remote data checking: A client that has stored data at an untrusted server can verify that the server possesses the original data without retrieving it. The model generates ...
Scalable and efficient provable data possession
SecureComm '08: Proceedings of the 4th international conference on Security and privacy in communication netowrksStorage outsourcing is a rising trend which prompts a number of interesting security issues, many of which have been extensively investigated in the past. However, Provable Data Possession (PDP) is a topic that has only recently appeared in the research ...
Comments