On indistinguishability in remote data integrity checking

Authors

Xinyu Fan, University of WollongongFollow
Guomin Yang, University of WollongongFollow
Yi Mu, University of WollongongFollow
Yong Yu, University of WollongongFollow

RIS ID

102638

Publication Details

Fan, X., Yang, G., Mu, Y. & Yu, Y. (2015). On indistinguishability in remote data integrity checking. The Computer Journal, 58 (4), 823-830.

Abstract

With a rapid growth of data storage in the cloud, data integrity checking in a remote data storage system has become an important issue. A number of protocols, which allow remote integrity checking by a third party, have been proposed. Although those protocols are provably secure, the data privacy issues in those protocols have not been considered. We believe that these issues are equally important since the communication flows of integrity proofs from the cloud server should not reveal any useful information of the stored data. In this paper, we introduce a new definition of data privacy called 'IND-Privacy' by an indistinguishability game. It is found that many existing remote integrity proofs are insecure under an IND-Privacy game. It is also found that by adopting witness indistinguishable proofs, the IND-Privacy is achievable. We provide an instantiation that captures data integrity, soundness and IND-privacy.

Grant Number

ARC/DP110101951, ARC/DP130101383

Additional Grant Number

http://purl.org/au-research/grants/ARC/DP110101951

http://purl.org/au-research/grants/ARC/DP130101383