Efficient auditing for shared data in the cloud with secure user revocation and computations outsourcing

With the cloud storage services, users can easily form a group and share data with each other. Considering the cloud is untrusted, public auditing is needed to ensure the integrity of the shared data. Once a user is revoked from the group, signatures from this revoked users need to be re-computed by an existing user, which may incur heavy communication and computation cost. Proxy re-signatures can be used here to allow the cloud to compute re-signatures on behalf of the group. However, a malicious cloud is able to arbitrarily convert signatures from one user to another using the re-signing keys. Moreover, collusion between revoked users and malicious clouds will disclose the secret values of the remaining users. In this paper, we propose a novel public auditing scheme for the integrity of shared data with efficient collusion-resistant user revocation. In addition, we extend the proposed scheme to support securely signature and verification outsourcing, which allow more efficiency for group users and the auditor. The numerical analyses and experimental results demonstrate that our scheme is provably secure and highly efficient, the outsourcing algorithms make the signatures generation and verification process more efficient and affordable for mobile devices.