Remote Data Checking Using Provable Data Possession
Authors
Ateniese, Giuseppe
Burns, Randal
Curtmola, Reza
Herring, Joseph
Khan, Osama
Kissner, Lea
Peterson, Zachary
Song, Dawn
Subjects
Security, Reliability
Performance
Remote data checking
provable data possession
PDP
homomorphic verifiable tags
archival storage
cloud storage security
robust auditing
erasure coding
Advisors
Date of Issue
2011-05
Date
May 2011
Publisher
ACM
Language
Abstract
We introduce a model for provable data possession (PDP) that can be used for remote data checking: A client
that has stored data at an untrusted server can verify that the server possesses the original data without
retrieving it. The model generates probabilistic proofs of possession by sampling random sets of blocks from
the server, which drastically reduces I/O costs. The client maintains a constant amount of metadata to verify
the proof. The challenge/response protocol transmits a small, constant amount of data, which minimizes
network communication. Thus, the PDP model for remote data checking is lightweight and supports large
data sets in distributed storage systems. The model is also robust in that it incorporates mechanisms for
mitigating arbitrary amounts of data corruption.
We present two provably-secure PDP schemes that are more efficient than previous solutions. In particular,
the overhead at the server is low (or even constant), as opposed to linear in the size of the data. We
then propose a generic transformation that adds robustness to any remote data checking scheme based on
spot checking. Experiments using our implementation verify the practicality of PDP and reveal that the
performance of PDP is bounded by disk I/O and not by cryptographic computation. Finally, we conduct an
in-depth experimental evaluation to study the tradeoffs in performance, security, and space overheads when
adding robustness to a remote data checking scheme.
Type
Article
Description
The article of record as published may be found at http://dx.doi.org/10.1145/1952982.1952994
The electronic appendix for this article can be accessed in the ACM Digital Library.
Series/Report No
Department
Computer Science (CS)
Organization
Naval Postgraduate School
Identifiers
NPS Report Number
Sponsors
Funder
Format
34 p.
Citation
Ateniese, Giuseppe, et al. "Remote data checking using provable data possession." ACM Transactions on Information and System Security (TISSEC) 14.1 (2011): 1-34.
Distribution Statement
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. As such, it is in the public domain, and under the provisions of Title 17, United States Code, Section 105, it may not be copyrighted.