Generic Dynamic Data Outsourcing Framework for Integrity Verification

Abstract

Ateniese et al. proposed the Provable Data Possession (PDP) model in 2007. Following that, Erway et al. adapted the model for dynamically updatable data and called it the Dynamic Provable Data Possession (DPDP) model. The idea is that a client outsources her files to a cloud server and later challenges the server to obtain a proof of the integrity of her data. Many schemes have later been proposed for this purpose, all following a similar framework. We analyze dynamic data outsourcing schemes for the cloud regarding security and efficiency and show a general framework for constructing such schemes that encompasses existing DPDP-like schemes as different instantiations. This generalization shows that a dynamic outsourced data integrity verification scheme can be constructed given black-box access to an implicitly-ordered authenticated data structure. Moreover, for blockless verification efficiency, a homomorphic verifiable tag scheme is also needed. We investigate the requirements and conditions these building blocks should satisfy, using which one may easily check the applicability of a given building block for dynamic data outsourcing. Our framework serves as a guideline/tutorial/survey and enables us to provide a comparison among different building blocks that existing schemes employ.