NPP: A New Privacy-Aware Public Auditing Scheme for Cloud Data Sharing with Group Users

• Published in: IEEE transactions on big data Vol. 8; no. 1; pp. 14 - 24
• Main Authors: Fu, Anmin, Yu, Shui, Zhang, Yuqing, Wang, Huaqun, Huang, Chanying
• Format: Journal Article
• Language: English
• Published: Piscataway IEEE 01.02.2022; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Auditing; Authentication; Big data; Binary trees; Cloud computing; Computational modeling; Data integrity; Data privacy; Data retrieval; Data storage; homomorphic verifiable; Human error; Integrity; non-frameability; Privacy; provable security
• ISSN: 2332-7790; 2372-2096
• DOI: 10.1109/TBDATA.2017.2701347

Today, cloud storage becomes one of the critical services, because users can easily modify and share data with others in cloud. However, the integrity of shared cloud data is vulnerable to inevitable hardware faults, software failures or human errors. To ensure the integrity of the shared data, some schemes have been designed to allow public verifiers (i.e., third party auditors) to efficiently audit data integrity without retrieving the entire users' data from cloud. Unfortunately, public auditing on the integrity of shared data may reveal data owners' sensitive information to the third party auditor. In this paper, we propose a new privacy-aware public auditing mechanism for shared cloud data by constructing a homomorphic verifiable group signature. Unlike the existing solutions, our scheme requires at least t group managers to recover a trace key cooperatively, which eliminates the abuse of single-authority power and provides non-frameability. Moreover, our scheme ensures that group users can trace data changes through designated binary tree; and can recover the latest correct data block when the current data block is damaged. In addition, the formal security analysis and experimental results indicate that our scheme is provably secure and efficient.