Enabling cloud storage auditing with key-exposure resistance

Jia Yu*, Kui Ren, Cong Wang, Vijay Varadharajan

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

178 Citations (Scopus)


Cloud storage auditing is viewed as an important service to verify the integrity of the data in public cloud. Current auditing protocols are all based on the assumption that the client's secret key for auditing is absolutely secure. However, such assumption may not always be held, due to the possibly weak sense of security and/or low security settings at the client. If such a secret key for auditing is exposed, most of the current auditing protocols would inevitably become unable to work. In this paper, we focus on this new aspect of cloud storage auditing. We investigate how to reduce the damage of the client's key exposure in cloud storage auditing, and give the first practical solution for this new problem setting. We formalize the definition and the security model of auditing protocol with key-exposure resilience and propose such a protocol. In our design, we employ the binary tree structure and the preorder traversal technique to update the secret keys for the client. We also develop a novel authenticator construction to support the forward security and the property of blockless verifiability. The security proof and the performance analysis show that our proposed protocol is secure and efficient.

Original languageEnglish
Article number7031921
Pages (from-to)1167-1179
Number of pages13
JournalIEEE Transactions on Information Forensics and Security
Issue number6
Publication statusPublished - 1 Jun 2015


  • Data storage
  • cloud computation
  • cloud storage auditing
  • homomorphic linear authenticator
  • key-exposure resistance


Dive into the research topics of 'Enabling cloud storage auditing with key-exposure resistance'. Together they form a unique fingerprint.

Cite this