enabling efficient batch verification on data integrity ... · enabling efficient batch...
TRANSCRIPT
![Page 1: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/1.jpg)
Enabling Efficient Batch Verification on Data Integrity for Cloud
Chin‐Laung LeiDepartment of Electrical EngineeringNational Taiwan University
1
![Page 2: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/2.jpg)
Outline
Introduction System model Protocol Experiments and performance analysis Conclusion
![Page 3: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/3.jpg)
Cloud Computing
MobileMobileDevicesDevices
UsersUsers
Cloud ServicesCloud Services Data StorageData Storage
![Page 4: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/4.jpg)
Motivations
![Page 5: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/5.jpg)
Security for Cloud (Remote) Storage
Confidentiality Various encryption systems
Integrity Integrity verification protocols
Availability Redundancy Error correcting code
![Page 6: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/6.jpg)
Integrity Verification
Message digest Naïve approach No authenticated data integrity; Bandwidth wasting Deterministic
Provable data possession (PDP) Authenticated data integrity Probabilistic
Proof of retrivability (PoR) Authenticated data integrity & improved availability Probabilistic
![Page 7: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/7.jpg)
Lifecycle
Repository (data) deployment Generate tags
Integrity verification Challenge data integrity Generate proof of storage
(Optional) Repository evolution Generate tags for modified part
![Page 8: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/8.jpg)
Scenario for Integrity Verification
Data Data OwnerOwner
Third Party Third Party VerifierVerifier
Cloud Storage Provider
1. Deploying Data
2. Verifying Data
Integrity
![Page 9: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/9.jpg)
Issues
Replay attack The status of repository is not clear
Performance Slow verification Even on personal computer
Batch verification Single user Multiple users
![Page 10: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/10.jpg)
Approaches
Replay attack Revision number as timestamp
Performance Multiplication instead of exponential operations
Batch verification Repository as an single file
![Page 11: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/11.jpg)
Scenario for Single User
Data OwnerData Owner
Repositories on the CloudRepositories on the Cloud
Third Party VerifierThird Party VerifierDeployment, Modification, ...
Batch Integrity Verification
Integrity Verification
![Page 12: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/12.jpg)
Bilinear Map
![Page 13: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/13.jpg)
BLS Signatures
![Page 14: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/14.jpg)
Tokens
![Page 15: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/15.jpg)
Security Concern
![Page 16: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/16.jpg)
Security Concern
![Page 17: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/17.jpg)
Repository Deployment
![Page 18: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/18.jpg)
Repository Deployment
![Page 19: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/19.jpg)
Integrity Verification
![Page 20: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/20.jpg)
Integrity Verification
![Page 21: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/21.jpg)
Repository Evolution
![Page 22: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/22.jpg)
Batch Verification for Single User
![Page 23: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/23.jpg)
Probabilistic Detection
Number of blocks needed to fulfill certain detection rateunder various data corruption rate
![Page 24: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/24.jpg)
Probabilistic Detection
Check points
# of Challenged
Blocks
Detection Rate
Data Corruption
Rate300 95% 1%460 99% 1%4610 99% 0.1%6910 99.9% 0.1%
![Page 25: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/25.jpg)
Benchmarks
![Page 26: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/26.jpg)
Verification Time
Client-side verification time with 6910-block challenge
![Page 27: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/27.jpg)
Verification Time
Client-side verification time with 512-megabyte file
![Page 28: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/28.jpg)
Scenario for Multiple Users
Data OwnerData Owner
Repository with Repository with Three Privilege Three Privilege
DomainsDomains Third Party VerifierThird Party VerifierDeployment,
Modification, ...
Batch Integrity Verification
Integrity Verification
![Page 29: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/29.jpg)
From Single User to Multiple Users
Access control Who can commit modifications of a certain part?
Batch verification Verify integrity across different users’ data
Race condition Concurrent write of the same project?
![Page 30: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/30.jpg)
Approaches
Access control Multiple authority
Hierarchical
Batch verification Repository as a single file
Race condition Branching‐and‐merging
![Page 31: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/31.jpg)
Repository Deployment
![Page 32: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/32.jpg)
Key Delegation
![Page 33: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/33.jpg)
Tag Generation
![Page 34: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/34.jpg)
Integrity Verification
![Page 35: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/35.jpg)
Repository Evolution
![Page 36: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/36.jpg)
Batch Verification
![Page 37: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/37.jpg)
Branching-and-Merging
Before modify shared data Copy to one’s own privilege domain (branching)
After finish the modification Coordinate with other collaborators Write the modifications to the trunk (merging)
![Page 38: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/38.jpg)
Branching-and-Merging (Example)
![Page 39: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/39.jpg)
Conclusion
Efficient integrity verification Can even run on smart phone!
Batch verification Convenient for verifiers Suitable for online co‐working
![Page 40: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/40.jpg)
Thank You
![Page 41: Enabling Efficient Batch Verification on Data Integrity ... · Enabling Efficient Batch Verification on Data Integrity for Cloud Chin‐Laung Lei Department of Electrical Engineering](https://reader034.vdocuments.site/reader034/viewer/2022042622/5f9cf569327be57d7429bb83/html5/thumbnails/41.jpg)
Appendix