In cloud storage systems, the server (or peer) that stores the client’s data is not necessarily trusted. Therefore, users would like to check if their data has been tampered with or deleted. A naive solution can just keep a hash per file and after downloading a file and hashing it, compares the new hash with the stored one. However, outsourcing the storage of very large files (or whole file systems) to remote servers presents an additional constraint: the client should not download all stored data in order to validate it since this may be prohibitive in terms of bandwidth and time.

Current popular cloud storage services, including but not limited to, Dropbox, Amazon S3, Google Documents, Microsoft Azure, unfortunately do not provide the user with sufficient security guarantees. On the contrary, they explicitly decline any responsibility for lost or corrupted data in their service agreements.

Using our techniques, both users and companies will benefit. Users will enjoy increased security and provable cryptographic guarantees, while companies can charge premium fees for offering such guarantees, or can now have more customers who were worried about security issues.

 

Related Publications:

  1. David Cash, Alptekin Küpçü, Daniel Wichs, "Dynamic Proofs of Retrievability via Oblivious RAM", Journal of Cryptology, 30(1):22-57 Jan 2017.
  2. Ertem Esiner, Adilet Kachkeev, Samuel Braunfeld, Alptekin Küpçü, Öznur Özkasap, "FlexDPDP: FlexList-based Optimized Dynamic Provable Data Possession", ACM Transactions on Storage 12(4) Aug 2016. (see also Cryptology ePrint Archive Report 2013/645).
  3. Mohammad Etemad, Alptekin Küpçü, "Generic Efficient Dynamic Proofs of Retrievability", ACM CCS CCSW 2016.
  4. C. Chris Erway, Alptekin Küpçü, Charalampos Papamanthou, Roberto Tamassia, "Dynamic Provable Data Possession", ACM Transactions on Information and System Security (TISSEC), 17(4), 2015.
  5. David Cash, Alptekin Küpçü, Daniel Wichs, "Dynamic Proofs of Retrievability via Oblivious RAM", EUROCRYPT 2013.
  6. Mohammad Etemad, Alptekin Küpçü, "Transparent, Distributed, and Replicated Dynamic Provable Data Possession", ACNS 2013.
  7. Alptekin Küpçü, "Official Arbitration with Secure Cloud Storage Application", The Computer Journal, 58 (4): 831-852, 2015, doi: 10.1093/comjnl/bxt138. (see also Cryptology ePrint Archive Report 2012/276).
  8. Ertem Esiner, Alptekin Küpçü, Öznur Özkasap, "Analysis and Optimization on FlexDPDP: A Practical Solution for Dynamic Provable Data Possession", ICC 2014.
  9. Ertem Esiner, "FlexDPDP: FlexList-based Optimized Dynamic Provable Data Possession", M.Sc. Thesis, 2013.
  10. Adilet Kachkeev, "InterLocal: Integrity and Replication Guaranteed Locality-based Peer-to-Peer Storage System", M.Sc. Thesis, 2013.
  11. Adilet Kachkeev, Ertem Esiner, Alptekin Küpçü, Öznur Özkasap, "Energy Efficiency in Secure and Dynamic Cloud Storage", EE-LSDS 2013.
  12. C. Chris Erway, Alptekin Küpçü, Charalampos Papamanthou, Roberto Tamassia, "Dynamic Provable Data Possession", ACM CCS 2009.
  13. Patent grantedUS 8978155 & WO2010011342 & CA2731954. (Contact: Brown Technology Ventures Office)
  14. Patent grantedUS 9749418. (Contact: Koç University Technology Transfer Office)

 

DOWNLOAD CODE HERE

 

Project Funding:

We are grateful for the support from Koç Sistem, Türk Telekom, TÜBİTAK, and European Union COST Action IC1206.

 

 

Secure Cloud Storage