Security Analysis and Improvements on a Remote Integrity Checking Scheme for Regenerating-Coding-Based Distributed Storage-Reference-Cited by-同舟云学术

Security Analysis and Improvements on a Remote Integrity Checking Scheme for Regenerating-Coding-Based Distributed Storage

Published:2021-04-21 Issue: Volume:2021 Page:1-8
ISSN:1939-0122
Container-title:Security and Communication Networks
language:en
Short-container-title:Security and Communication Networks

Author:

Liu Guangjun¹^ORCID,Guo Wangmei²^ORCID,Liu Ximeng³^ORCID,Xiong Jinbo⁴^ORCID

Affiliation:

1. School of Information Engineering, Xi’an University, Xi’an 710065, China

2. State Key Laboratory of Integrated Services Networks, Xidian University, Xi’an 710071, China

3. College of Mathematics and Computer Science, Fuzhou University, Fuzhou 350108, China

4. College of Mathematics and Informatics, Fujian Normal University, Fuzhou 350117, China

Abstract

Enabling remote data integrity checking with failure recovery becomes exceedingly critical in distributed cloud systems. With the properties of a lower repair bandwidth while preserving fault tolerance, regenerating coding and network coding (NC) have received much attention in the coding-based storage field. Recently, an outstanding outsourced auditing scheme named NC-Audit was proposed for regenerating-coding-based distributed storage. The scheme claimed that it can effectively achieve lightweight privacy-preserving data verification remotely for these networked distributed systems. However, our algebraic analysis shows that NC-Audit can be easily broken due to a potential defect existing in its schematic design. That is, an adversarial cloud server can forge some illegal blocks to cheat the auditor with a high probability when the coding field is large. From the perspective of algebraic security, we propose a remote data integrity checking scheme RNC-Audit by resorting to hiding partial critical information to the server without compromising system performance. Our evaluation shows that the proposed scheme has significantly lower overhead compared to the state-of-the-art schemes for distributed remote data auditing.

Funder

National Natural Science Foundation of China

Publisher

Hindawi Limited

Subject

Computer Networks and Communications,Information Systems

Link

http://downloads.hindawi.com/journals/scn/2021/6652606.pdf

Reference27 articles.

1. Remote data checking for network coding-based distributed storage systems;B. Chen

2. Data integrity verification of the outsourced big data in the cloud environment: A survey

3. Provable data possession at untrusted stores;G. Ateniese

4. An Overview on Privacy Preservation and Public Auditing on Outsourced Cloud Data

5. Privacy-preserving public auditing for regenerating-code-based cloud storage;J. Liu;IEEE Transactions on Information Forensics and Security,2015