A cloud storage system consists of a data owner (DO) and a cloud server (CS) under the control of a cloud service provider (CSP). We use digital signatures to verify data integrity. The data owner (DO) is the entity that uploads a file or an archive to the cloud. The cloud server (CS) is the entity that stores the data, and the CSP controls the cloud server. In this cloud computing paradigm the data owner stores the file on the cloud server without retaining a copy of it. The critical requirement when outsourcing data is that the client can verify its integrity: when the server modifies the data, the client must be able to detect it. We propose a remote data integrity checking protocol based on a digital signature algorithm. Data integrity is checked by downloading either the entire content of the file or the metadata of the file.
Sumathi D., S. Kathik
Accessing the entire file to check its integrity incurs I/O cost and time constraints. To overcome these drawbacks we devise a scheme that verifies data integrity by computing the digest value (Md) for the whole data. The digest value sent by the server is compared at the client side with the original digest value created by the data owner before uploading the file. If both values are the same, the data has not been modified by the server or any intruder.
III.1. Problem Formulation
We consider a file ‘f’ of size ‘m’ that is divided into ‘b’ blocks of equal length ‘l’, where f = (f1, f2, f3, …, fb) and b = |f| / l. We propose a remote data integrity checking protocol. This protocol ensures the privacy of data against third party verifiers. Computations can be done either by third party verifiers or by the data owner.
The following functions are implemented in this protocol:
1. Key generation process
2. Signing process by the data owner (DO)
3. Signature verification process by the verifier. The verifier may be either the third party auditor (TPA) or the data owner (DO).
Before uploading the file, the data owner (DO) performs the following functions. Both the private and the public key are generated by the data owner.
III.2. ECDSA
Our paper defines methods for signature generation and signature verification using the Elliptic Curve Digital Signature Algorithm (ECDSA). ECDSA is a variant of RSA and DSA that operates on elliptic curves.
A key pair is associated with a particular set of domain parameters D = (q, FR, a, b, G, n, h). The data owner must ensure that the domain parameters are valid, and generates the key pair as follows.
Key generation process
Select an elliptic curve defined over a field representation. The field can be either a finite field Fp or a base point whose elements are represented with respect to a polynomial. Domain parameters consist of:
1. Field size q = p, an odd prime.
2. An indication (FR) of the representation used for the field elements of Fq.
3. Two field elements ‘a’ and ‘b’ which define the equation of the elliptic curve E over Fq:
   Case 1 (p = 2): $y^2 + xy = x^3 + ax^2 + b$
   Case 2 (p > 3): $y^2 = x^3 + ax^2 + b$
4. A bit string of length at least 160 bits, called the seed value, which is optional if the elliptic curve is generated verifiably at random.
5. A point G = (xg, yg) of prime order.
6. The order ‘n’ of the point ‘G’, with $n > 2^{160}$ and $n > 4\sqrt{q}$.
7. Cofactor $h = \#E(F_q)/n$.
Data owner key pair generation:
1. Select a point ‘G’ on the elliptic curve.
2. Select a random, unique, unpredictable integer ‘i’ in [1, n-1].
3. Compute Q = i * G.
4. The private key is denoted as ‘i’ and the public key is denoted as ‘Q’.
III.3. Signature Generation Process
The data owner is the signatory of the message and signs it using the following procedure.
To sign a message, the data owner must first create a message digest (Md) with the help of a hash function. The domain parameters D = (q, FR, a, b, G, n, h) and the associated key pair (Q, i) are used:
1. A unique random integer ‘k’ is selected such that 1 ≤ k ≤ n-1.
2. Calculate $k * G = (x_1, x_2)$ and $u = x_1 \bmod n$.
3. If u = 0 then go to step 1.
4. Else compute $k^{-1} \bmod n$.
5. Compute Md = SHA-1(f), where the Secure Hash Algorithm is used.
6. Compute $v = k^{-1}(M_d + i * u) \bmod n$.
7. If v = 0 then go to step 1.
8. The data owner's signature is denoted as (u, v).
[Fig. 1. Signing process by the data owner. Diagram labels: Private key, File, Secure Hash Algorithm, Message Digest, DSA Sign Operation, Digital Signature (Encrypted Message Digest).]
First, a message digest (MD) is created at the sender side. A message digest is a short summary of the message that is going to be transmitted from the data owner to the cloud server. A hashing algorithm is used to create the message digest. The hashing algorithm ensures data integrity by generating a different hash value when any piece of the data is changed. The message digest is encrypted with the private key created by the data owner, and the resulting encrypted message digest is called the digital signature (DS). The digital signature is sent to the cloud server.
The data owner encrypts the file and uploads it to the cloud provider's storage space along with the digital signature.
Copyright © 2014 Praise Worthy Prize S.r.l. - All rights reserved International Review on Computers and Software, Vol. 9, N. 9
III.4. Signature Verification by the Verifier
To ensure the correctness of the data in the cloud server, the data owner issues a request to send the signature along with the timestamp computed by the server. It is easy to prove data integrity by downloading the entire data from the remote server.
But downloading large amounts of data just to check data integrity is a waste of communication bandwidth. Hence the data owner issues a request (Ri) for the digital signature (ui, vi) of the data stored by the owner. We propose a verification process that can be done either by the third party auditor (TPA) or by the data owner.
When the verifier is the third party auditor (TPA), this protocol makes certain that no private information about the data is leaked. Based on the request issued by the data owner (DO) or the third party auditor (TPA), the message digest (Md) is computed and given to the entity that issued the request. The cloud service provider computes the message digest (Md) and digital signature (u, v) for the corresponding file and sends them to the verifier to check data integrity. The verifier can be either the data owner (DO) or the third party auditor (TPA). If the verifier is the data owner, the cloud service provider (CSP) sends the message digest value (Md) of the corresponding data.
Case 1: Signature verification by the data owner (DO)
On request to the cloud service provider (CSP), the data owner gets the message digest value for data integrity verification. The data owner's computation time is much less than that of the third party auditor (TPA). From the signature sent by the data owner, the DO must extract ‘u’ and ‘v’ separately.
Data owner must compute:
$y = k^{-1}(M_d + i * u) \bmod n$
If y = u then it is proved that data has not been modified. Hence the data integrity verification can be done by the data owner at the minimal cost.
If the verifier is the third party auditor (TPA), the cloud service provider (CSP) must send the digital signature (ui, vi) and the message digest value (Md) for the corresponding data. The data owner initiates the process of signature verification by the third party auditor by issuing the public key (Q) to the TPA.
Case 2: Signature verification by the third party auditor (TPA)
1. The data owner has to send the public key (Q) to the third party auditor (TPA).
2. On request by the third party auditor (TPA), the cloud service provider (CSP) computes the message digest (Md) and digital signature (ui, vi) of the corresponding data.
3. The third party auditor (TPA) performs the following computations:
i. Compute $z = v^{-1} \bmod n$.
ii. Compute $r_1 = M_d * z \bmod n$.
iii. Calculate $r_2 = u * z \bmod n$.
iv. Construct a third point on the elliptic curve by the addition operator: $(x_0, y_0) = r_1 * p + r_2 * Q$.
v. Find $s = x_0 \bmod n$.
vi. If s = u then it shows that the data has not been modified, which proves data integrity.
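The key generation, signing (III.3) and third party auditor verification (Case 2) steps above, carried through in Python as an added example; this is not the paper's code. It assumes the secp256k1 curve in the short Weierstrass form y² = x³ + ax + b (the page names no curve), takes the point written as p in the verification step to be the base point G, and uses hand-written, non-constant-time arithmetic meant for study only.

```python
import hashlib, secrets
# secp256k1 domain parameters: an assumed choice, the page names no curve.
p, a, b = 2**256 - 2**32 - 977, 0, 7
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def add(P, R):  # point addition; None is the point at infinity
    if P is None or R is None:
        return P or R
    (x1, y1), (x2, y2) = P, R
    if x1 == x2 and (y1 + y2) % p == 0:
        return None
    if P == R:
        lam = (3 * x1 * x1 + a) * pow(2 * y1, -1, p) % p
    else:
        lam = (y2 - y1) * pow((x2 - x1) % p, -1, p) % p
    x3 = (lam * lam - x1 - x2) % p
    return x3, (lam * (x1 - x3) - y1) % p

def mul(k, P):  # double-and-add scalar multiplication (not constant time)
    acc = None
    while k:
        if k & 1:
            acc = add(acc, P)
        P, k = add(P, P), k >> 1
    return acc

def digest(f):  # Md = SHA-1(f) as on the page; SHA-1 is collision-broken
    return int.from_bytes(hashlib.sha1(f).digest(), "big")

def keygen():
    i = secrets.randbelow(n - 1) + 1        # private key i in [1, n-1]
    return i, mul(i, G)                     # public key Q = i * G

def sign(i, md):
    while True:
        k = secrets.randbelow(n - 1) + 1    # fresh secret nonce per signature
        u = mul(k, G)[0] % n
        v = pow(k, -1, n) * (md + i * u) % n
        if u and v:                         # retry on u = 0 or v = 0
            return u, v

def verify(Q, md, sig):  # TPA check: needs only Q, Md and (u, v)
    u, v = sig
    if not (1 <= u < n and 1 <= v < n):     # reject out-of-range values first
        return False
    z = pow(v, -1, n)
    X = add(mul(md * z % n, G), mul(u * z % n, Q))
    return X is not None and X[0] % n == u
```

With `i, Q = keygen()` and `sig = sign(i, digest(f))`, `verify(Q, digest(f), sig)` returns True, while the same signature checked against the digest of a modified file returns False.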