How to construct random functions
Journal of the ACM (JACM)
Short Signatures from the Weil Pairing
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
A computational introduction to number theory and algebra
A computational introduction to number theory and algebra
Pors: proofs of retrievability for large files
Proceedings of the 14th ACM conference on Computer and communications security
Provable data possession at untrusted stores
Proceedings of the 14th ACM conference on Computer and communications security
Compact Proofs of Retrievability
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Proofs of Retrievability via Hardness Amplification
TCC '09 Proceedings of the 6th Theory of Cryptography Conference on Theory of Cryptography
Dynamic provable data possession
Proceedings of the 16th ACM conference on Computer and communications security
Proofs of retrievability: theory and implementation
Proceedings of the 2009 ACM workshop on Cloud computing security
Reducing trust in the PKG in identity based cryptosystems
CRYPTO'07 Proceedings of the 27th annual international cryptology conference on Advances in cryptology
New directions in cryptography
IEEE Transactions on Information Theory
Hi-index | 0.00 |
For data storage outsourcing services, it is important to allow data owners to efficiently and securely verify that the storage server stores their data correctly. To address this issue, several proof-of-retrievability (POR) schemes have been proposed wherein a storage server must prove to a verifier that all of a client's data are stored correctly. While existing POR schemes offer decent solutions addressing various practical issues, they either have a non-trivial (linear or quadratic) communication complexity, or only support private verification, i.e., only the data owner can verify the remotely stored data. It remains open to design a POR scheme that achieves both public verifiability and constant communication cost simultaneously. In this paper, we solve this open problem and propose the first POR scheme with public verifiability and constant communication cost: in our proposed scheme, the message exchanged between the prover and verifier is composed of a constant number of group elements; different from existing private POR constructions, our scheme allows public verification and releases the data owners from the burden of staying online. We achieved these by tailoring and uniquely combining techniques such as constant size polynomial commitment and homomorphic linear authenticators. Thorough analysis shows that our proposed scheme is efficient and practical. We prove the security of our scheme based on the Computational Diffie-Hellman Problem, the Strong Diffie-Hellman assumption and the Bilinear Strong Diffie-Hellman assumption.