Public cloud data auditing with practical key update and zero knowledge privacy

Yong Yu, Yannan Li, Man Ho Allen Au, Willy Susilo, Kim Kwang Raymond Choo, Xinpeng Zhang

Research output: Chapter in book / Conference proceedingConference article published in proceeding or bookAcademic researchpeer-review

18 Citations (Scopus)


Data integrity is extremely important for cloud based storage services, where cloud users no longer have physical possession of their outsourced files. A number of data auditing mechanisms have been proposed to solve this problem. However, how to update a cloud user’s private auditing key (as well as the authenticators those keys are associated with) without the user’s re-possession of the data remains an open problem. In this paper, we propose a key-updating and authenticator-evolving mechanism with zero-knowledge privacy of the stored files for secure cloud data auditing, which incorporates zero knowledge proof systems, proxy re-signatures and homomorphic linear authenticators. We instantiate our proposal with the state-of-the-art Shacham-Waters auditing scheme. When the cloud user needs to update his key, instead of downloading the entire file and re-generating all the authenticators, the user can just download and update the authenticators. This approach dramatically reduces the communication and computation cost while maintaining the desirable security. We formalize the security model of zero knowledge data privacy for auditing schemes in the key-updating context and prove the soundness and zero-knowledge privacy of the proposed construction. Finally, we analyze the complexity of communication, computation and storage costs of the improved protocol which demonstrates the practicality of the proposal.
Original languageEnglish
Title of host publicationInformation Security and Privacy - 21st Australasian Conference, ACISP 2016, Proceedings
PublisherSpringer Verlag
Number of pages17
ISBN (Print)9783319402529
Publication statusPublished - 1 Jan 2016
Event21st Australasian Conference on Information Security and Privacy, ACISP 2016 - Melbourne, Australia
Duration: 4 Jul 20166 Jul 2016

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference21st Australasian Conference on Information Security and Privacy, ACISP 2016

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'Public cloud data auditing with practical key update and zero knowledge privacy'. Together they form a unique fingerprint.

Cite this