Institute of Electrical and Electronics Engineers, IEEE Transactions on Dependable and Secure Computing, 1(16), p. 72-83, 2019
DOI: 10.1109/tdsc.2017.2662216
Full text: Download
This is the author accepted manuscript. The final version is available from the publisher via the DOI in this record. ; As a core security issue in reliable cloud storage, data integrity has received much attention. Data auditing protocols enable a verifier to efficiently check the integrity of the outsourced data without downloading the data. A key research challenge associated with existing designs of data auditing protocols is the complexity in key management. In this paper, we seek to address the complex key management challenge in cloud data integrity checking by introducing fuzzy identity-based auditing-the first in such an approach, to the best of our knowledge. More specifically, we present the primitive of fuzzy identity-based data auditing, where a user’s identity can be viewed as a set of descriptive attributes. We formalize the system model and the security model for this new primitive. We then present a concrete construction of fuzzy identity-based auditing protocol by utilizing biometrics as the fuzzy identity. The new protocol offers the property of error-tolerance, namely, it binds private key to one identity which can be used to verify the correctness of a response generated with another identity, if and only if both identities are sufficiently close. We prove the security of our protocol based on the computational Diffie-Hellman assumption and the discrete logarithm assumption in the selective-ID security model. Finally, we develop a prototype implementation of the protocol which demonstrates the practicality of the proposal. ; This work is supported by the National Natural Science Foundation of China (61501333,61300213,61272436,61472083), the Fundamental Research Funds for the Central Universities under Grant ZYGX2015J059