Privacy-enhanced remote data integrity checking with updatable timestamp
© 2020 Elsevier Inc. Remote data integrity checking (RDIC) enables clients to verify whether the outsourced data is intact without keeping a copy locally or downloading it. Nevertheless, the existing RDIC schemes do not support the pay-as-you-go (PAYG) payment model, where the payment is decided by the volume and duration of the outsourced data. Specifically, none of the existing works have considered the client's control over changes in storage duration. In this paper, we propose an RDIC scheme to simultaneously check the data content and storage duration represented by an updatable timestamp via the third-party auditor (TPA). Also, our proposed scheme achieves indistinguishable privacy (IND-privacy) against TPA for both data content and timestamp. To bind the content and timestamp in the authenticator and support efficient timestamp update, we construct the authenticator with the randomizable structure-preserving signature (SPS). Additionally, we utilize the Groth-Sahai proof and range proof to provide the IND-privacy and guarantee the timestamp validation in the auditing phase. We formalize the definition and security model and provide the formal proof of our scheme. We also present the theoretical and experimental performance analysis to demonstrate that our scheme is comparable to the previous RDIC schemes which do not consider the storage time.