Privacy-Preserving Certificateless Cloud Auditing with Multiple Users

Cloud auditing is one of the important processes to ensure the security and integrity of data in cloud storage. Implementing cloud auditing requires various cryptographic tools such as identity-based cryptography and its variant: certificateless cryptography which solves the inherent key escrow problem in identity-based cryptography. Applying certificateless cryptography to cloud auditing has shown many merits. However, in a multi-user setting, certificateless cloud auditing (CLCA) schemes require additional security requirements. For instance, the identity privacy becomes an important issue that should be taken into consideration in some applications. In this paper, we concentrate on the identity privacy of CLCA schemes. We define the security models of privacy-preserving CLCA schemes, namely the uncheatability and anonymity and propose an efficient CLCA scheme, which is secure in the security models. As a feature of our scheme, the tag of a message is compact, which consists of only one group element. The uncheatability is based on variants of bilinear Diffie-Hellman assumption in the random oracle model. The identity privacy of the user is information-theoretically guaranteed against the third party auditor.