Proof of retrievability with public verifiability resilient against related-key attacks
Modern technologies such as cloud computing, grid computing and software as a service all require data to be stored by the third parties. A specific problem encountered in this context is to convince a verifier that a user's data are kept intact at the storage servers. An important approach to achieve this goal is called proof of retrievability, by which a storage server can assure a verifier via a concise proof that a user's file is available. However, for most publicly verifiable systems, existing proof of retrievability solutions do not take physical attacks into consideration, where an adversary can observe the outcome of the computation with methods like fault injection techniques. In fact, the authors find that giving the adversary the ability to obtain the information about the relations between the private keys, those systems are not secure anymore. Motivated by the need of preventing this kind of attacks, they present the security model for related-key attacks in publicly verifiable proofs of retrievability, where the adversary can subsequently observe the outcome of the publicly verifiable proof of retrievability under the modified key. After pointing out a linear related-key attack on an existing proof of retrievability system with public verifiability, they present a secure and efficient proof of retrievability with public verifiability, against related-key attacks.