Delegable Provable Data Possession for Remote Data in the Clouds

Many storage systems need to do authorized verification for data integrity. For example, a user stores his data into cloud storage servers and shares his data with his friends. They check data integrity periodically to ensure data intact. However, they don’t want a stranger to check data integrity on their data. Therefore, public verification is undesired in this situation. The user can share his private key to his friends for private verification. However, his friends may reveal his private key to others. In this paper, we proposed the delegable provable data possession (delegable PDP) model to solve this problem. Delegable PDP allows a user to control who can check data integrity of his data, and guarantee that delegated verifiers cannot re-delegate this verification capability to others. Delegable PDP enjoys advantage of authorized verification and convenience of public verification. We define a delegable PDP model and provide a construction for it. User U generates verifiable tags of his data and the delegation key dkU→V for delegated verifier V. U uploads his data, tags, and dkU→V to storage servers. When integrity check, storage servers can use dkU→V to transform U ’s tags into the form that V can verify with his private key skV . Our model allows U to revoke V’s verification capability by removing dkU→V from storage servers directly. We prove our protocol secure in the random oracle model. Our protocol achieves proof unforgeability, proof indistinguishability, and delegation key unforgeability.