Stateless Cloud Auditing Scheme for Non-Manager Dynamic Group Data With Privacy Preservation

As one of the core services of cloud computing, cloud storage could satisfy various storage and management requirements caused by the growth of data. Considering the complexity and uncontrollability of the cloud storage environment, many cloud auditing schemes were presented to assure the integrity of data in the cloud. However, most existing schemes have security risks, such as identity privacy and data privacy disclosure, authority abuse of group managers and collusion attacks during user revocation. To solve these problems, we propose a stateless cloud auditing scheme for non-manager dynamic group data with privacy preservation. The proposed scheme not only realizes user identity privacy preservation but also preserves data privacy security with the random masking technique. Unlike other solutions, our scheme allows $t$ group users to trace the user’s identity cooperatively without group managers, which eliminates authority abuse of group managers and provides non-frameability. Meanwhile, utilizing the concept of Shamir Secret Sharing, our scheme divides the re-signing process into several parts to resist collusion attacks during user revocation. By the designed binary tree, group users could trace dynamic data changes and recover the latest data when existing data are damaged. Besides, both users and the third-party auditor (TPA) are stateless in our scheme; that is, they no need to maintain data index information during cloud auditing. Our scheme also achieves mutual supervision between users and cloud service providers (CSPs), which ensures data are non-repudiation on both parties. Furthermore, we construct an efficient incentive for data visitors by using the blockchain technology and design a secure data sharing model to guarantee that data owners control their data ownership. Certificateless cryptography assures that the proposed scheme avoids certificate management and key escrow problems. Finally, security analysis and performance evaluation show that our scheme is secure and efficient.