A Public Auditing Protocol for Cloud Storage System With Intrusion-Resilience

Cloud storage auditing helps users to check the integrity of their data stored on the cloud. However, if the client's auditing secret key is exposed to the malicious cloud, the client's data may be deleted by the malicious cloud without being detected. In this paper, we propose a public auditing protocol with intrusion-resilience to relieve damage caused by the key-exposure problem. The proposed protocol divides the lifetime of files stored on the cloud into several time periods, and each time period is further divided into several refreshing periods. The auditing secret key is updated in each time period, and secret values used to update the auditing secret key change in every refreshing period. These two update operations are completed by the client and the third party auditor (TPA). This protocol is secure against the adversary as long as the client and TPA are not compromised in the same refreshing period. Security proof under random oracle model proves the protocol is secure, and the experimental results indicate that the performance of the protocol is acceptable.