Remote data possession checking with privacy-preserving authenticators for cloud storage

As a convenient and economical data storage solution, cloud storage has been widely adopted in recent years. For cloud storage users, how to guarantee data integrity is one of the biggest concerns. Remote data possession checking schemes are proposed to address this problem. Nonetheless, the existing approaches do not consider the privacy of authenticators, which sometimes may bring financial loss to users. In this paper, we propose a new paradigm named remote data possession checking with privacy-preserving authenticators for cloud storage. In this new paradigm, both cloud service provider and the public verifier do not have access to the real authenticators (signatures) for cloud data. Meanwhile, the integrity of cloud data is still able to be efficiently checked. It is potentially useful in some special situations where electronic checks and contracts are outsourced. To securely protect the privacy of the authenticator, we design a new authenticator called Homomorphic Invisible Authenticator (HIA), which protects the privacy of authenticator and supports the blockless verification. Based on HIA, we construct the first remote data possession checking scheme with privacy-preserving authenticators for cloud storage. To evaluate the security and efficiency of our proposed scheme, we conduct both theoretical analysis and simulation experiments. The results show that our proposed paradigm is secure and efficient.