ID-based Data Integrity Auditing Scheme from RSA with Resisting Key Exposure

As an important method, cloud-based data auditing can realize the integrity checking of the outsourced data efficiently. However, the existing public auditing schemes are mainly based on the PKI (public key infrastructure). In this infrastructure, the auditor must validate the certificates of data user before auditing data integrity. Thus, there exist some drawbacks in such infrastructure. (1) It brings the heavy computation burdens on the auditor in the auditing process (2) Complicated management of public key certificate makes the whole auditing protocol inefficient, in particular, in the multi-user setting. To overcome complicated key management and key exposure and reduce computation cost in the auditing process, we propose ID-based data integrity public auditing scheme with forward security in this paper. After a private key of data user is compromised, all previous produced authentication tags still remain valid. And we also show that our construction is provably secure under the RSA assumption with prime exponents. Due to being based on RSA, none of pairing operation is required in any algorithm, it makes that auditing efficiency is greatly improved since the implementations of pairings are much harder than those of exponentiations in a RSA group. The highlight in our scheme is that the auditor’s verification cost is constant, it is independent of the number of the challenged set. Comparing with Yu et al.’s scheme, our scheme has more advantages in terms of computation cost and communication overhead. And implementation results also show that our scheme is very practical and suitable for the multi-user setting in the real life.