In this section, theoretical analysis of the modified version of ECDSA is been done.
Theorem 1: Proof for signature verification
The signature received by the third party auditor (TPA) is denoted as (u,v) on a data. If a signature (u.v) on a message was certainly generated by an entity data owner (DO), then compute:
1 i d vk M u mod n Rearranging gives:
1 d kGv M i * u G mod n 1 1 * * ) d v M G i u v G mod n
* * * d M zG z Q v mod n
* * u G v Q mod n Thus u* Gv* Q
uv* i G
kG, and so s = u as required.Security Analysis in this protocol
The proposed protocol ensures data integrity. Also this protocol proves its correctness in the sense that the server and third party verifier can pass the verification of the data as long as both of them are honest. The server can pass the verification process successfully only when the server has not modified any piece of the data. The third party verifier can prove himself when the verifier reports any malfunction that is found.
The proposed protocol is also proved to be private against the third party verifier. The proposed protocol deals with the two security requirements: security against the server and security and privacy against the third party auditor. First we prove the security against the server. Consider two entities in this scenario.
One entity is the data owner and the other entity being an adversary that stands for the untrusted server.
Definition 1: Security against the server.
Consider a scenario in which the data owner has stored the data in the server and needs to check for its
Sumathi D., S. Kathik
integrity by posting a query for the corresponding message digest (Md) of the file (F).
Consider a game between the antagonist and the challenger. The antagonist is considered to be the one who might steal the data and the challenger is the prover. Here the prover is considered to be the server. The following functions are carried by the entities:
1. Gen k ,G
Q,i
This function is executed by the challenger.2. Sign F ,d ,k ,n
u,v
This function is done by the challenger.3. The antagonist might compute the message digest (Md) of the corresponding file.
4. The challenger must compute a value:
1 d
yk M i* u mod n
5. The challenger must run the function verify(y, u). If it returns FALSE then the antagonist won the game and thus prove the security against the server.
Definition 2: Privacy against Third-Party Verifier
The third party verifier does not get any other information except the message digest (Md). This protocol is proved strongly private against the third party verifier.
Proof: Assumptions:
Simulator (S) for the view of the verifier is constructed. The input to the verifier includes
t Pk ,Md , r ,s where Pk is public key, Md is the Message digest and r, s is digital signature.
The output of the simulator is computationally indistinguishable with the view of the verifier:
A
1
1Adv X ,Y Pr A X Pr A Y
The output of A can be arbitrary, but we deduce the output as {1} indicating that the adversary A is satisfied with the client and if any other output indicates that the adversary’s test results are not satisfied. Under the semi honest model the output of this function will return the value as {TRUE}.
The simulator consists of the following steps:
Step 1: The simulator computes the value:
1
zs mod n
Step 2: Using the Message digest value the simulator
computes r1M * z mod nd and 2r u zmod n*
Step 3: Using a third point on the elliptic curve (p, q)
and an addition operator r1*pr2*q
x0,y0
Step 4: Now computes X mod n0 .
Step 5: The verifier output is denoted as {t, (s)}
The verifier’s view during the protocol execution is denoted as Pv.:
Pv
View t , s (1)
The output of the simulator is denoted as {t. s}. This output is identically distributed with (u, v). If the output obtained by the simulator gets matched and identical with the view’s output. The simulator’s output and View
Pv output have identical distributions which are
computationally indistinguishable.
Here the verifier cannot get any information from the messages received except its input and output.
Complexity Analysis and Experimental Results
Communication, Computation and storage cost: The communication, computation and storage cost of the data owner, third party verifier and cloud service provider are analyzed in this paper. The cost of ECDSA signature generation requires one elliptic curve point multiplication (ECPM), one integer inversion, two integer multiplications and SHA-1 invocation on the message. But the verification cost of signature done by the data owner is less compared to traditional ECDSA signature verification. Traditional ECDSA signature verification [10] requires an additional elliptic curve point multiplication (ECPM). In our proposed auditing activity the verification cost is still very less.
Verification cost[14] requires one integer inversion, one integer multiplication and hash function of message.
Tecpm -> Time complexity for executing the elliptic curve point multiplication.
Tinv -> Time complexity for executing integer inversion.
Tmul -> Time complexity for executing integer multiplication.
Scenario 1: Communication between cloud service provider and data owner without the third party verifier.
The cloud service provider sends the Message digest value of the requested data (Md) for verification to the data owner. Both the public key and private key is known to the data owner, the cost of the proving for data integrity is very less. Data owner computes a value by using the received Message digest value and the part of the signature created for that corresponding digest value. That value is compared with the remaining part of the signature. If the function returns Success then it proves that data has not been modified and it proves for data integrity. The time complexity calculated in this function is Tinv mul T Th x . The communication cost between the data owner and the cloud service provider can be calculated as follows:
Step 1: The data owner sends a query to the service
provider.
Step 2: The cloud service provider sends the Message
Sumathi D., S. Kathik
Copyright © 2014 Praise Worthy Prize S.r.l. - All rights reserved International Review on Computers and Software, Vol. 9, N. 9 Therefore the communication cost is ‘l’ bits.
Scenario 2: Communication between the data owner, server and the third party verifier (TPA). The proposed
protocol analyzes the time complexity, communication cost of client, server and third party verifier separately since this protocol supports public audit ability.
Data owner calculates and send the public key to TPA. The time complexity is 2Tinv2TecpmTh x
The communication cost can be calculated as follows: Step 1: The data owner sends the public key to the third party auditor (TPA) for which the data integrity to be proved. Here the length of the public key can be ‘k’ bits.
Step 2: The third party auditor receives the request for
proof of data integrity. Corresponding to that, the data owner sends the public key to the TPA. The TPA in turn issues the request for the Message digest to the service provider. On receiving the request the service provider computes the digest value and sends to the TPA.
Therefore the communication cost is calculated as:
k nc (2)
k - length of public key in bits n – length of the digest value in bits
c – refers to the Boolean value {1,0}. one bit.
The storage cost of data owner, cloud service provider and third party verifier are given below (Table I).
TABLE I
STORAGE COST OF DATA OWNER
Data Owner Cloud service provider TPA
|i|+ |n| +|(u,v)| |n| |k|
From the above table we can see that the storage cost of data owner is i+n where ‘i’ refers to the private key, ‘n’ refers to the message digest and cost of storing digital signature.
In the case of TPA, the cost of storing public key is ignored since it is used for temporary computation and there is no need to store any values.
V.
Conclusion
This paper briefly describes the proof of data integrity by devising a protocol using digital signature algorithm.
The security and correctness of the data is proved. This protocol proves the security against the untrusted servers and privacy against the third party verifiers. We have analyzed the time complexity, computation and storage cost of cloud service provider, data owner and third party verifier and through theoretical analysis it is proved to be an efficient one.
References
[1] Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L.,
Peterson, Z.N.J., Song, D.X., 2007. Provable data possession at untrusted stores. In: Proceedings of the 2007 ACM Conference on Computer and Communications Security, CCS 2007,pp. 598–609. [2] Yan Xiangtao, Li Yifa Information engineering university, Zhengzhou, China, [email protected]. “A new remote data integrity checking scheme for cloud storage “.
[3] Erway, C.C., Küpc¸ ü, A., Papamanthou, C., Tamassia, R., 2009. Dynamic provable data possession. In: Proceedings of the 2009 ACM Conference on Computer and Communications Security, CCS 2009, pp. 213–222.
[4] C.Wang, Q. Wang, K. Ren, and W. Lou, “Ensuring Data Storage Security in Cloud Computing,” Proc. 17th Int’l Workshop Quality of Service (IWQoS ’09), 2009.
[5] Zhuo Hao, Sheng Zhong, Member, IEEE, and Nenghai Yu, Member, IEEE, “A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability “IEEE transactions On Knowledge and Data Engineering, Vol. 23, No. 9, September 2011”.
[6] A. Juels and B.S. Kaliski Jr., “Pors: Proofs of Retrievability for Large Files,” Proc. 14th ACM Conf. Computer and Comm. Security (CCS ’07), pp. 584-597, 2007.
[7] Sravan Kumar, R.; Saxena, A., "Data integrity proofs in cloud storage," Communication Systems and Networks (COMSNETS), 2011 Third International Conference on, vol., no., pp.1,4, 4-8 Jan. 2011. doi: 10.1109/COMSNETS.2011.5716422
[8] Hung-Zih Liao, Yuan-Yuan Shen, ”On the Elliptic Curve Digital Signature Algorithm”, Tunghai, Science Vol. 8: 109126 July, 2006
[9] Z. Hao, S. Zhong, and N. Yu, “A Privacy-Preserving Remote Data Integrity Checking Protocol with Data Dynamics and Public Verifiability,” Technical Report 2010-11, SUNY Buffalo CSE Dept., http://www.cse.buffalo.edu/ tech-reports/2010-11.pdf, 2010.
[10] Reza R. Farashahi, Hongfeng Wu, Chang-An Zhao, Efficient Arithmetic on Elliptic Curves over Fields of Characteristic Three, Lecture Notes in Computer Science Volume 7707, 2013, pp 135- 148.
[11] Francesc Sebe´ , Josep Domingo-Ferrer, Senior Member, IEEE, Antoni Martı´nez-Balleste´ ,Yves Deswarte, Member, IEEE, and Jean-Jacques Quisquater, Member, IEEE, “Efficient Remote Data Possession Checking in Critical Information Infrastructures” IEEE transactions On Knowledge and Data Engineering, Vol. 20, no. 8, August 2008.
[12] G. Ateniese, R. Burns, R. Curtmola, J. Herring, O. Khan, L. Kissner, Z. Peterson, and D. Song, “Remote Data Checking Using Provable Data Possession”, ACM Transactions on Information and System Security, Vol. 14, No. 1, Article 12, Publication date: May 2011.
[13] Mihir R. Gohel , Bhavesh N. Gohil “A New Data Integrity Checking Protocol with Public Verifiability in Cloud Storage” Trust Management VI IFIP Advances in Information and Communication Technology Volume 374, 2012, pp 240-246 [14] A. Jurisic, A. Menezes, “Elliptic Curves and Cryptography”,
2003, http://www.certicom.com/whitepapers.
[15] Jena, R.K., Mahanti, P.K., Computing in the cloud: Concept and trends, (2011) International Review on Computers and Software
(IRECOS), 6 (1), pp. 1-10.
[16] Jena, R.K., Green cloud computing: Need of the hour, (2012)
International Review on Computers and Software (IRECOS), 7
(1), pp. 45-52.
[17] Narayanan, G.G., Raja Ranganathan, S., Karthik, S., An efficient user revocation and encryption methods for secure multi-owner data sharing to dynamic groups in the cloud, (2014) International
Review on Computers and Software (IRECOS), 9 (5), pp. 825-
831.
[18] Mercy Gnana Rani, A., Marimuthu, A., Kavitha, A., Artificial fish swarm load balancing and job migration task with overloading detection in cloud computing environments, (2014)
International Review on Computers and Software (IRECOS), 9
(4), pp. 727-734.
[19] Jawabrah, M., Aboud, M., Enhancing performance of partitioned database in cloud computing environment, (2014) International
Review on Computers and Software (IRECOS), 9 (2), pp. 355-
Sumathi D., S. Kathik
[20] Priyadharshini, M., Baskaran, R., Balaji, N., Saleem Basha, M.S., Analysis on countering XML-based attacks in web services, (2013) International Review on Computers and Software
(IRECOS), 8 (9), pp. 2197-2204.
[21] Alnouri, M., El-Koutly, R., Traffic protection as a service in MPLS cloud network, (2013) International Review on Computers
and Software (IRECOS), 8 (7), pp. 1644-1649.
Authors’ information
1PPG Institute of Technology, Coimbatore.
2SNS College of Technology, Coimbatore.
Mrs. D. Sumathi is Presently Associate Professor, Department of Computer Science and Engineering, PPG Institute of Technology, Affiliated to Anna University Chennai, Tamil Nadu. She received the B.E degree from Bharathiar University in 1994 and M.E degree from Sathyabama University in 2006, Chennai and pursuing her Ph.D degree in Anna University, Chennai. Her Research interests include Cloud computing, Network Security and Theoretical Foundations. Mrs.D.Sumathi published papers in international journal and conference papers and has been involved many international conferences as Technical Chair and tutorial presenter. She is a active member of ISTE.
Dr. S. Karthik is presently Professor & Dean, Department of Computer Science & Engineering, SNS College of Technology, affiliated to Anna University- Chennai, Tamilnadu, India. . M.E Degree and Ph.D Degree from Anna University Chennai. His research interests include network security, web services and wireless systems. In particular, he is currently working in a research group developing new Internet security architectures and active defense systems against DDoS attacks. Dr.S.Karthik published papers in international journal and conference papers and has been involved many international conferences as Technical Chair and tutorial presenter. He is a active member of IEEE, ISTE and Indian Computer Society.
International Review on Computers and Software (I.RE.CO.S.), Vol. 9, N. 9
ISSN 1828-6003 September 2014
Copyright © 2014 Praise Worthy Prize S.r.l. - All rights reserved