Security Analysis and Improvements on a Remote Integrity Checking Scheme for Regenerating-Coding-Based Distributed Storage

Enabling remote data integrity checking with failure recovery becomes exceedingly critical in distributed cloud systems. With the properties of a lower repair bandwidth while preserving fault tolerance, regenerating coding and network coding (NC) have received much attention in the coding-based storage field. Recently, an outstanding outsourced auditing scheme named NC-Audit was proposed for regenerating-coding-based distributed storage. The scheme claimed that it can effectively achieve lightweight privacy-preserving data verification remotely for these networked distributed systems. However, our algebraic analysis shows that NC-Audit can be easily broken due to a potential defect existing in its schematic design. That is, an adversarial cloud server can forge some illegal blocks to cheat the auditor with a high probability when the coding field is large. From the perspective of algebraic security, we propose a remote data integrity checking scheme RNC-Audit by resorting to hiding partial critical information to the server without compromising system performance. Our evaluation shows that the proposed scheme has significantly lower overhead compared to the state-of-the-art schemes for distributed remote data auditing.

Fine Grained Decentralized Access Control With Provable Data Transmission and User Revocation in Cloud

Cloud computing started a new era for IT enterprises. It allows the movement of application from local to remote location, massive data storage. Owner has access to centralized or decentralized data storage server, where data management handled by remote vendor. But, the heterogeneous and dynamic nature of cloud introduces security challenges. Among them, access control and integrity checking are most important which incur high consideration. Attribute-based encryption is one of the access control technique which allows integration of access policies, attributes, and encrypted data. In this paper, a new fine-grained decentralized data access control technique with user revocation has been proposed. Here, service provider is responsible for verifying the user authenticity. The proposed schema supports integrity checking and user revocation. The integrity checking proof validates that the user data is intact and revocation mechanism will help to revoke the user in linear time. Moreover, the proposed access control and authentication schemes are decentralized and comparable to other approaches.

Enhancement in data security and integrity using minhash technique

Data <span>encryption process and key generation techniques protect sensitive data against any various attacks. This paper focuses on generating secured cipher keys to raise the level of security and the speed of the data integrity checking by using the MinHash function. The methodology is based on applying the cryptographic algorithms rivest-shamir-adleman (RSA) and advanced encryption standard (AES) to generate the cipher keys. These keys are used in the encryption/decryption process by utilizing the Pearson Hash and the MinHash techniques. The data is divided into shingles that are used in the Hash function to generate integers and in the MinHash function to generate the public and the private keys. MinHash technique is used to check the data integrity by comparing the sender’s and the receiver’s encrypted digest. The experimental results show that the RSA and AES algorithms based on the MinHash function have less encryption time compared to the normal hash functions by 17.35% and 43.93%, respectively. The data integrity between two large sets is improved by 100% against the original algorithm in terms of completion time, and 77% for small/medium data and 100% for large set data in terms of memory utilization.</span>