Dynamic Proofs of Retrievability for Coded Cloud Storage Systems

Cloud storage allows users to store their data in a remote server to get rid of expensive local storage and management costs and then access data of interest anytime anywhere. A number of solutions have been proposed to tackle the verification of remote data integrity and retrievability in cloud storage systems. Most of existing schemes, however, do not support efficient data dynamics and/or suffer from security vulnerabilities when involving dynamic data operations. In this paper, we propose an enhanced dynamic proof of retrievability scheme supporting public auditability and communication-efficient recovery from data corruptions. To this end, we split up the data into small data blocks and encode each data block individually using network coding before outsourcing so that i) an update inside any data block only affects a few codeword symbols and ii) communication-efficient data repair for a breakdown server can be achieved. To eliminate the communication overhead for small data corruptions within a server, each encoded data block is further encoded via erasure codes. Based on the encoded data blocks, we utilize range-based 2-3 tree (rb23Tree) to enforce the data sequence for dynamic operations, preventing the cloud service provider from manipulating data block to pass the integrity check in the dynamic scenario. We also analyze the effectiveness of the proposed construction in defending against pollution attacks during data recovery. Formal security analysis and extensive experimental evaluations are conducted, showing that the proposed scheme is practical for use in cloud storage systems.