Identity-Based Integrity Verification and Public Auditing Scheme in Cloud Storage System Against Malicious Auditors

Abstract

Read online

The cloud storage system provides users with convenient storage services. However, users who use cloud storage services lose absolute control over the data once they upload files to the cloud service provider (CSP). The integrity of the cloud data has become a problem worth considering. In the realization of verification of cloud storage schemes, a third-party auditor (TPA), as a professional organization that provides users with public audit services, is an indispensable and important entity. However, the TPA is not entirely credible because the TPA may perform audits dishonestly out of laziness or selfishness. Based on the above considerations, we provide a scheme for solving the problem of cloud data integrity verification and the TPA dishonesty based on identity-based encryption (IBE). The proposed identity-based public auditing verification scheme can provide security against malicious auditors. In this scheme, the mathematical design is based on IBE, which frees the users from complicated certificate management. In addition, during the public auditing phase, adding a timestamp can effectively prevent the malicious TPA from working dishonestly. Moreover, the security analysis and performance evaluation of the scheme for the untrusted CSP and semi-trusted TPA shows effective results.

Keywords

• cloud storage
• identity-based encryption
• integrity verification
• public auditing