Smarter Data Availability Checks in the Cloud: Proof of Storage via Blockchain

Smarter Data Availability Checks in the Cloud: Proof of Storage via Blockchain

Aydin Abadi
DOI: 10.4018/978-1-7998-7712-7.ch017
(Individual Chapters)
No Current Special Offers


Cloud computing offers clients flexible and cost-effective resources. Nevertheless, past incidents indicate that the cloud may misbehave by exposing or tampering with clients' data. Therefore, it is vital for clients to protect the confidentiality and integrity of their outsourced data. To address these issues, researchers proposed cryptographic protocols called “proof of storage” that let a client efficiently verify the integrity or availability of its data stored in a remote cloud server. However, in these schemes, the client either has to be online to perform the verification itself or has to delegate the verification to a fully trusted auditor. In this chapter, a new scheme is proposed that lets the client distribute its data replicas among multiple cloud servers to achieve high availability without the need for the client to be online for the verification and without a trusted auditor's involvement. The new scheme is mainly based on blockchain smart contracts. It illustrates how a combination of cloud computing and blockchain technology can resolve real-world problems.
Chapter Preview


The importance of cloud computing is swiftly growing. The cloud is receiving increasing attention (Luxner, 2021, March 15; Abadi, 2017), as it enables ubiquitous access to a pool of configurable computing resources that can be scaled up, on demand. It offers elastic and cost-effective storage and computation resources to clients. It has been drawing the attention of individuals and businesses as a vital game-changing technology. There are various benefits for businesses to use the cloud, such as cost flexibility, business scalability, and increased collaboration with external partners (Berman et al., 2012). Nevertheless, the cloud is susceptible to data security breaches such as exposing confidential data, data tampering, and denial of service. Thus, it cannot be fully trusted, and it is crucial for the clients who use the cloud to protect the security of their own data.

To address these issues, researchers have proposed Proof of Storage (PoS). It is an interesting cryptographic protocol that allows a client (e.g., a computer system acting on behalf of a party) to efficiently verify the integrity or availability of its data that is stored in a remote cloud server, which is not necessarily trusted (Kamara, 2013). In general, PoS schemes can be classified into two distinct categories; namely, Proofs of Retrievability (PoR) (proposed by Juels and Kaliski, 2007) and Proofs of Data Possession (PDP) (proposed by Ateniese et al., 2007). The former variant offers a stronger security guarantee than the latter, because a PoR scheme guarantees that the entire file is available whereas a PDP scheme guarantees that only a portion of a file remains intact in a remote server. The schemes that offer stronger security guarantees (i.e., PoR) are the main focus of this chapter. Since, in traditional PoR schemes, a client has to either perform the verification itself or delegate it to a fully trusted third-party, researchers proposed outsourced PoR schemes that let a client delegate the verifications, without having to fully trust a single entity. An efficient outsourced PoR scheme has recently been put forward by Abadi and Kiayias (2021, March 4). The scheme uses the decentralised nature of the blockchain (and smart contracts) to eliminate the involvement of a single trusted third-party. It allows a client to outsource its data to a single server, and lets the client delegate the verification of its data availability to a smart contract, which can periodically check data availability on the client’s behalf.

In this chapter, it will be shown how we can improve upon the state-of-the-art outsourced PoR. In particular, a new variant of the PoR that lets a client store and distribute replicas of its sensitive data among multiple cloud servers, is discussed. The new PoR variant does not require the client to be always available to perform data availability checks itself. Instead, a smart contract efficiently performs the checks, on the client’s behalf, and pays the servers if they successfully prove to the smart contract that the data is available. In the new scheme, the time intervals between two consecutive verifications can have different sizes which makes this scheme more flexible. To do that, it will be shown how the “chained time-lock puzzle” scheme, that is used in the scheme proposed by Abadi and Kiayias (2021, March 4), can be modified to support different size, time intervals. The modified chained time-lock puzzle scheme will be used in the multi-server outsourced PoR protocol. Thus, there are two primary properties that the multi-server outsourced PoR scheme offers, compared with the state-of-the-art PoR protocol, i.e., supporting (a) multiple cloud servers, and (b) allowing different size time intervals. The proposed scheme is mainly based on symmetric-key primitives that leads to an efficient implementation. The scheme imposes low costs, especially at the verification phase, while preserving all appealing features of the state-of-the-art protocol.

Key Terms in this Chapter

Boneh-Lynn-Shacham (BLS) Signature: This is a cryptographic signature scheme that lets a user verify that a signer is authentic. One of the main features of this scheme is “signature aggregation”, that allows multiple signatures that are computed under multiple public keys (for different messages) to be combined into a single signature.

Time-Lock Puzzle: Time-lock puzzles are cryptographic protocols that allow sending messages “to the future”. In these schemes, a sender can generate a puzzle with a solution that remains hidden until a moderately large amount of time has elapsed.

Proof of Retrievability (PoR): A cryptographic protocol that allows a client to efficiently verify the availability of its entire data stored in a potentially malicious remote cloud server. In other words, it the scheme lets the client check if its entire outsourced data is retrievable from a cloud server.

Proof of Data Possession (PDP): A cryptographic protocol that lets a client—that stored data on a potentially malicious server—to later verify that the server possesses the original data without requiring to retrieve the entire file. In general, PDP schemes only ensure the integrity of outsourced data (but not the retrievability of it).

Merkle Tree: In cryptography, a Merkle Tree (or hash tree) is a data structure that is used for data verification. It is a tree-like data structure built on top of a file such that a leaf node of the tree is the file block, and each non-leaf node is a hash of two child nodes. It has been used in various schemes such as digital signatures and Bitcoin.

Message Authentication Code (MAC): MAC is the metadata (or tag) of a message that allows a verifier to authenticate the message or detect the message modification. The algorithm that generates a MAC is usually a symmetric-key cryptographic scheme that is highly efficient. It is often used in cases where the party who generates and verifies a MAC is the same (i.e., supports only private verification).

Verifiable Delay Function (VDF): A VDF lets a prover generate a publicly verifiable proof, thereby proving that it has carried out a pre-determined number of sequential computations. To generate such a proof, it needs to perform the required sequential computations. The VDF has various applications, e.g., to extract trustworthy public randomness from a blockchain in decentralised systems.

Smart Contract: A decentralised computer program that is used to digitally facilitate, verify, or enforce a contract’s clause without relying on a single trusted third-party arbiter. The contract code is usually stored in a blockchain and is executed by all nodes of the blockchain network.

Commitment Scheme: A cryptographic tool which lets a party to publicly commit to a message while keeping the message hidden to others, with the ability to reveal the committed message later without being able to change the message.

Complete Chapter List

Search this Book: