Publication Type

Journal Article

Version

acceptedVersion

Publication Date

7-2020

Abstract

Remote data integrity checking (RDIC) enables clients to verify whether the outsourced data is intact without keeping a copy locally or downloading it. Nevertheless, the existing RDIC schemes do not support the pay-as-you-go (PAYG) payment model, where the payment is decided by the volume and duration of the outsourced data. Specifically, none of the existing works have considered the client’s control over changes in storage duration. In this paper, we propose an RDIC scheme to simultaneously check the data content and storage duration represented by an updatable timestamp via the third-party auditor (TPA). Also, our proposed scheme achieves indistinguishable privacy (IND-privacy) against TPA for both data content and timestamp. To bind the content and timestamp in the authenticator and support efficient timestamp update, we construct the authenticator with the randomizable structure-preserving signature (SPS). Additionally, we utilize the Groth-Sahai proof and range proof to provide the IND-privacy and guarantee the timestamp validation in the auditing phase. We formalize the definition and security model and provide the formal proof of our scheme. We also present the theoretical and experimental performance analysis to demonstrate that our scheme is comparable to the previous RDIC schemes which do not consider the storage time.

Keywords

Integrity checking, Third-party auditing, Indistinguishable privacy, Pay-as-you-go, Range proof

Discipline

Information Security | Software Engineering

Publication

Information Sciences

Volume

527

First Page

210

Last Page

226

ISSN

0020-0255

Identifier

10.1016/j.ins.2020.03.057

Publisher

Elsevier

Copyright Owner and License

Authors

Additional URL

https://doi.org/10.1016/j.ins.2020.03.057

Download

Share

COinS