Article

Backdoor-Resistant Public Data Integrity Verification Scheme Based on Smart Contracts

Journal

IEEE INTERNET OF THINGS JOURNAL
Volume 10, Issue 16, Pages 14269-14284

Publisher

IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
DOI: 10.1109/JIOT.2023.3285939

Keywords

Backdoor; cloud storage systems; exfiltration resistance; public data integrity verification; smart contract

This article analyzes existing smart contract-based public data integrity verification schemes and identifies weaknesses in them. The fair arbitration mechanism in these schemes fails to promptly notify users of data corruption or loss, which does not meet the users' requirements. The conventional encryption method used by existing schemes to ensure data confidentiality leads to additional storage costs for the cloud server due to varying ciphertexts for the same data. Users' devices, if poorly designed or backdoored, can compromise the security of the schemes. To address these issues, a new backdoor-resistant public data integrity verification scheme called ASSIST is proposed, which introduces a whistleblower entity to monitor the verification results and ensure timely notification of data corruption. ASSIST uses message-locked encryption to motivate the production of the same ciphertext for the same data and reduce storage costs. A cryptographic reverse firewall is deployed to prevent exfiltration from users' devices. Security proofs and performance evaluation demonstrate the efficiency and security of ASSIST.
This article analyzes existing smart contract-based public data integrity verification schemes and identifies certain weaknesses. First, the fair arbitration mechanism deployed in these schemes fails to meet the users' requirements as it may not promptly notify users of data corruption or loss. Second, to ensure outsourced data confidentiality, existing data integrity schemes use a conventional encryption method, where each user randomly selects a key to encrypt the outsourced data. Such a method results in varying ciphertexts for the same data by different users, leading to additional storage costs for the cloud server. Third, users' devices, if poorly designed or even intentionally backdoored, can potentially exfiltrate secrets and compromise the security of the schemes. To address these issues, we propose the first backdoor-resistant public data integrity verification scheme based on smart contracts (ASSIST). The key idea is to introduce a new entity (a whistleblower) to periodically monitor the state of verification results recorded in the blockchain. This allows for timely notification of data corruption to users. ASSIST requires users to encrypt their data with a cryptographic primitive called message-locked encryption (MLE), which motivates different users to produce the same ciphertext for the same data and reduces storage costs for cloud servers. We also deploy a cryptographic reverse firewall between users' devices and the outside world to rerandomize interactive messages, making exfiltration impossible. We provide rigorous security proofs to demonstrate the security of ASSIST. The performance evaluation shows that ASSIST is efficient regarding computation and communication costs.
