Blockchain-based publicly verifiable data deletion scheme for cloud storage
Introduction
Cloud computing is the fusion and development of parallel computing, distributed computing and grid computing; it connects large-scale storage and computing resources through the Internet (Miao et al., 2014, Wang et al., 2015). As an attractive computing paradigm, cloud computing allows clients to conveniently and ubiquitously enjoy various data services, such as cloud storage, outsourced computing, on-demand self-service, etc. (Buyya et al., 2009, Chen et al., 2015, Chen et al., 2014, Chen et al., 2016, Miao et al., 2017). In the cloud storage paradigm, resource-constrained users can outsource expensive storage to the remote cloud and enjoy virtually unlimited storage services.
Despite the tremendous benefits, cloud storage inevitably suffers from new security problems. First, the outsourced data often contains sensitive information that must not be exposed to the cloud server. Thus the secrecy of outsourced data is a security challenge: the cloud server should learn nothing about what it actually stores. Traditional encryption is an obvious candidate solution, but it is only a partial one, because performing meaningful operations over ciphertext is very difficult. Second, the data owner stores data on the remote cloud and the cloud server manages the data on his behalf. When the data owner wants to delete the data, he sends a deletion command to the cloud server and the server executes the deletion operation. However, the cloud server is semi-trusted: it may not delete the data honestly, for financial incentives. Therefore, how to delete data permanently and verify the deletion outcome efficiently is another security problem. That is, the verification should involve only a few simple computations; at the very least, it must be far more efficient than maintaining the data itself.
The primitive of secure data deletion (also called data erasure) has been extensively studied in the past decade (Cachin et al., 2013, Hao et al., 2016, Luo et al., 2016, Perito and Tsudik, 2010, Sun et al., 2008, Wright et al., 2008, Wright et al., 2003). Most existing data deletion methods essentially follow the same protocol, which we call the “one-bit-return” protocol: the data owner sends a command to delete the data from the physical medium and then receives a one-bit reply (Success/Failure) indicating the result of the deletion operation. For example, an operating system achieves deletion by removing the link. When it receives the deletion command, the data management system removes the file's link from the underlying file system and returns a one-bit result (Success/Failure) to the data owner. The returned result can be misleading, however: the system only deletes the link, while the content of the file remains on the disk, and attackers can recover the file by scanning the disk (Garfinkel and Shelat, 2003).
Obviously, deletion by unlinking is not sufficient for real applications. To delete the content of the file, researchers apply overwriting techniques to design secure data deletion schemes: they delete the content by overwriting the physical disk with random data, and many such protocols have been proposed (Diesburg and Wang, 2010, Gutmann, 1996, Gutmann, 2001, Hughes et al., 2009, Kissel et al., 2006). Although overwriting the storage medium solves the problem of secure data deletion in theory, the proposed schemes still have two inherent limitations. First, most overwriting-based schemes cannot support verification: the data owner has to trust the data management system because he cannot verify the result of the deletion. Those schemes that do provide verification need to introduce a trusted third party. The other inherent limitation is that the proposed protocols are too inefficient for practical applications. Therefore, it is still significant to design secure data deletion schemes that delete data permanently and efficiently.
Boneh and Lipton (1996) presented the first cryptography-based scheme for the secure data deletion problem in 1996. In their scheme, all data is encrypted before it is saved and the plaintext is then deleted; later, the decryption key is deleted to make the ciphertext useless. A series of follow-up works build on this idea (Geambasu et al., 2009, Peterson and Burns, 2005, Reardon et al., 2013, Reardon et al., 2013, Tang et al., 2012, Yuan and Yu, 2013). The cryptography-based solution is efficient, since a large amount of data can be deleted by deleting a very short decryption key. In distributed storage especially, all duplicate copies of the data backed up in distributed locations can be deleted at once. However, in these schemes the data owner still cannot verify the result of the deletion operation and has to trust the returned result. Besides, the ciphertext remains stored on the physical medium. Therefore, it is necessary to seek a publicly verifiable data deletion protocol.
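As an added illustration (not code from the paper or its authors), the following Python model contrasts the three deletion strategies discussed above: unlinking, overwriting, and deleting the decryption key. It assumes a constructed in-memory disk with a directory and a raw byte medium, and a toy SHA-256 counter-mode stream cipher written only for this illustration; the secret string is constructed sample data. It reports what a raw scan of the medium still finds after each kind of deletion.

```python
import hashlib
import os

BLOCK_SIZE = 16


class ToyDisk:
    """Constructed in-memory medium: a raw byte array plus a directory that
    maps file names to the byte offsets of their blocks."""

    def __init__(self, n_blocks):
        self.media = bytearray(n_blocks * BLOCK_SIZE)
        self.directory = {}
        self.free = list(range(n_blocks))

    def write(self, name, data):
        offsets = []
        for i in range(0, len(data), BLOCK_SIZE):
            off = self.free.pop(0) * BLOCK_SIZE
            chunk = data[i:i + BLOCK_SIZE]
            self.media[off:off + len(chunk)] = chunk
            offsets.append(off)
        self.directory[name] = offsets

    def unlink(self, name):
        """'One-bit-return' deletion: only the directory entry goes away."""
        for off in self.directory.pop(name):
            self.free.append(off // BLOCK_SIZE)
        return True  # the Success bit says nothing about the medium itself

    def overwrite_and_unlink(self, name):
        """Overwrite each block of the file with random bytes, then unlink."""
        for off in self.directory[name]:
            self.media[off:off + BLOCK_SIZE] = os.urandom(BLOCK_SIZE)
        return self.unlink(name)

    def scan_for(self, needle):
        """What a forensic scan of the raw medium finds, directory ignored."""
        return needle in bytes(self.media)


def toy_stream_cipher(key, data):
    """SHA-256 counter-mode keystream XORed onto the data. A toy built for
    this illustration, not a production cipher; the same call encrypts and
    decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        keystream = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], keystream))
    return bytes(out)


def compare_strategies(secret=b"payroll-2017: salaries and bank details"):
    """Apply each strategy to fresh media and report what a raw scan still
    finds afterwards (the secret is constructed sample data)."""
    results = {}

    # 1. Unlink only: the directory forgets the file, the medium does not.
    disk = ToyDisk(4)
    disk.write("f", secret)
    disk.unlink("f")
    results["unlink_plaintext_on_media"] = disk.scan_for(secret)

    # 2. Overwrite with random data, then unlink: the content is gone.
    disk = ToyDisk(4)
    disk.write("f", secret)
    disk.overwrite_and_unlink("f")
    results["overwrite_plaintext_on_media"] = disk.scan_for(secret)

    # 3. Cryptographic deletion: only ciphertext ever touches the medium;
    #    destroying the short key makes it useless, but the ciphertext stays.
    disk = ToyDisk(4)
    key = os.urandom(32)
    ciphertext = toy_stream_cipher(key, secret)
    disk.write("f", ciphertext)
    results["crypto_decrypts_with_key"] = toy_stream_cipher(key, ciphertext) == secret
    key = None  # the key is the only thing that gets deleted
    results["crypto_plaintext_on_media"] = disk.scan_for(secret)
    results["crypto_ciphertext_on_media"] = disk.scan_for(ciphertext)
    return results


if __name__ == "__main__":
    for name, found in compare_strategies().items():
        print(f"{name}: {found}")
```

In all three cases the owner receives nothing but a return value, which is the verification gap the one-bit-return protocol leaves open; the model only shows what each strategy leaves on the medium.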
Although various data deletion schemes have been presented, most of them have inherent limitations. First, most existing schemes assume that the cloud server is fully trusted and will delete the data honestly. However, in cloud computing the cloud server may be dishonest and refrain from deleting the data for financial incentives. Therefore, some schemes introduce a trusted third party that both the data owner and the cloud server trust unconditionally; nevertheless, such a trusted third party is very difficult to find. Besides, many existing solutions cannot support public verification. To guarantee that the deletion result is correct and to hold a malevolent server accountable, the data owner wants the scheme to be publicly verifiable: not only the data owner but anyone else can verify the outcome. Therefore, we propose a blockchain-based publicly verifiable data deletion scheme, which supports public verification without any trusted third party. To the best of our knowledge, there is no prior work on efficient data deletion schemes that support public verification without a trusted third party in the malicious server model.
Our Contributions. In this paper, we propose a new blockchain-based publicly verifiable data deletion scheme for cloud storage. In our protocol, the data owner O does not fully trust the cloud server S. We use the idea of Blockchain to guarantee that, no matter how a malicious S behaves, anyone can verify the result of the deletion operation. The main contributions of this paper are as follows:
- We construct a novel blockchain-based publicly verifiable data deletion scheme. If the cloud server does not delete the data honestly, our scheme enables the data owner to detect the malevolent operation of the cloud server. Unlike previous works, our solution involves no trusted third party.
- We introduce the primitive of Blockchain to solve the public verification problem in secure data deletion. Taking advantage of the Blockchain system, the proposed protocol achieves public verification. Besides, our solution is efficient in both communication and computation.
The problem of how to delete digital data securely is particularly important. Over the past decades, many researchers have paid considerable attention to this problem, and a series of schemes have been proposed. Although deletion by unlinking is efficient, it only deletes the link, and the contents still remain on the disk (Garfinkel and Shelat, 2003).
To delete the content of the file from the physical medium, Gutmann (1996) suggests that the storage medium should be overwritten with random data. In 2010, Paul and Saxena (2010) presented a novel data deletion protocol called “Proof of Erasability” (PoE). In their protocol, data is deleted by overwriting the disk with random patterns, and after deleting, the host program returns the same patterns to the data owner as a proof. Perito and Tsudik (2010) presented a solution called “Proof of Secure Erasure” (PoSE-s). In that protocol, the host program sends a string of random patterns to the embedded device. They assume that the embedded device's storage is so limited that it can only hold the received random patterns; therefore, the original data is necessarily overwritten. This scheme works essentially the same way as the PoE of Paul and Saxena (2010), except for the additional assumption of limited memory.
Similarly, Luo et al. (2016) propose a permutation-based assured deletion scheme. In their setting, the cloud storage service provider is economically rational and offers elastic storage to the data owner. Since the cloud server is economically rational, they assume that it only maintains the latest version of the user's data, and that when the data owner performs an update, all backups are made consistent. Based on this assumption, they disguise overwriting operations as data updates in order to delete data. Afterwards, the outcome is verified through a challenge-response protocol: the data owner judges whether the server is honest by the challenge-response time.
In 1996, Boneh and Lipton (1996) proposed the first cryptography-based protocol for the secure data deletion problem. In 2010, Tang et al. (2010) presented a policy-based file assured deletion scheme (FADE). In their scheme, the file is first encrypted with a data key, and the data key is then encrypted with the control keys corresponding to the policy. Finally, they remove a policy by deleting the corresponding control key. Subsequently, Xiong et al. (2014) proposed a secure data self-destructing protocol based on key-policy attribute-based encryption with time-specified attributes. Perlman (2005) is among the first to propose the use of a trusted third party (TTP) to address the data deletion problem. In that solution, the data owner encrypts the data with a data key, and the data key is encrypted with a control key by a separate TTP. The TTP destroys the control key to make the data corresponding to that control key unrecoverable. In 2016, Hao et al. (2016) presented a secure data deletion scheme based on a “trust-but-verify” paradigm built on the Trusted Platform Module (TPM). Their scheme makes the deletion process more transparent and the deletion result publicly verifiable: the data owner can verify the correctness of encryption and the honesty of deletion without access to the source code of the TPM.
The rest of the paper is organized as follows. Section 2 defines some preliminaries. We define the problem, including the system model and design goals, in Section 3. In Section 4, we propose our secure blockchain-based data deletion scheme. The analysis of the secure data deletion protocol is given in Section 5, including security analysis, comparison and performance evaluation. Finally, the last section concludes the paper.
Section snippets
Preliminaries
In this section, we first introduce the basic definitions and construction of the Merkle Hash Tree. Then we describe the timestamping service. Finally, we give a short description of Blockchain, which is essential to achieving public verification.
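To make the three preliminaries concrete, the following added example (not the paper's construction or code) implements a Merkle hash tree over file blocks with inclusion proofs, and a hash-chained, timestamped append-only ledger that stands in for both the timestamping service and the blockchain. The way a deletion is recorded here (the server appends a record naming the file identifier and the Merkle root of its contents, and any third party audits the ledger) is an assumption of this illustration, not the protocol of Section 4; the file blocks and timestamp are constructed sample data.

```python
import hashlib
import json


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_hash(block: bytes) -> bytes:
    # Domain separation: a leaf can never be confused with an inner node.
    return _h(b"\x00" + block)


def node_hash(left: bytes, right: bytes) -> bytes:
    return _h(b"\x01" + left + right)


def _pad(level):
    # Duplicate the last hash when a level has an odd number of nodes.
    return level + [level[-1]] if len(level) % 2 == 1 else level


def _next_level(level):
    level = _pad(level)
    return [node_hash(level[i], level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(blocks) -> bytes:
    """Root hash committing to the ordered list of file blocks."""
    level = [leaf_hash(b) for b in blocks]
    while len(level) > 1:
        level = _next_level(level)
    return level[0]


def merkle_proof(blocks, index):
    """Sibling hashes from the leaf at `index` up to the root, each tagged
    with whether the sibling sits to the right of the current node."""
    level = [leaf_hash(b) for b in blocks]
    proof = []
    while len(level) > 1:
        level = _pad(level)
        sibling = index ^ 1
        proof.append((level[sibling], sibling > index))
        level = _next_level(level)
        index //= 2
    return proof


def verify_proof(block: bytes, proof, root: bytes) -> bool:
    """Anyone holding only the root can check that `block` is part of the file."""
    cur = leaf_hash(block)
    for sibling, sibling_is_right in proof:
        cur = node_hash(cur, sibling) if sibling_is_right else node_hash(sibling, cur)
    return cur == root


GENESIS = "0" * 64


class AppendOnlyLedger:
    """Hash-chained, timestamped records: each record commits to its
    predecessor, so altering or dropping an earlier record breaks the chain."""

    def __init__(self):
        self.records = []

    @staticmethod
    def _digest(body: dict) -> str:
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def append(self, payload: dict, timestamp: int) -> dict:
        prev = self.records[-1]["hash"] if self.records else GENESIS
        body = {"prev": prev, "ts": timestamp, "payload": payload}
        record = dict(body, hash=self._digest(body))
        self.records.append(record)
        return record

    def verify_chain(self) -> bool:
        prev = GENESIS
        for rec in self.records:
            body = {k: rec[k] for k in ("prev", "ts", "payload")}
            if rec["prev"] != prev or self._digest(body) != rec["hash"]:
                return False
            prev = rec["hash"]
        return True


def publish_deletion(ledger, file_id: str, root: bytes, timestamp: int) -> dict:
    # The server commits publicly to which file (by Merkle root) it deleted and when.
    return ledger.append({"op": "delete", "file_id": file_id, "root": root.hex()}, timestamp)


def audit_deletion(ledger, file_id: str, expected_root: bytes) -> bool:
    # Public audit: needs only the ledger and the root the owner computed.
    if not ledger.verify_chain():
        return False
    wanted = {"op": "delete", "file_id": file_id, "root": expected_root.hex()}
    return any(rec["payload"] == wanted for rec in ledger.records)


def demo():
    blocks = [b"block-%d" % i for i in range(5)]  # constructed sample file
    root = merkle_root(blocks)
    ledger = AppendOnlyLedger()
    publish_deletion(ledger, "file-42", root, 1_500_000_000)  # constructed timestamp
    honest = verify_proof(blocks[3], merkle_proof(blocks, 3), root) \
        and audit_deletion(ledger, "file-42", root)
    # A server that later rewrites its own record is caught by the chain check.
    ledger.records[0]["payload"]["file_id"] = "file-43"
    return honest, audit_deletion(ledger, "file-43", root)


if __name__ == "__main__":
    print(demo())  # (True, False)
```

The point of the composition is that verification costs the auditor a handful of hashes over public data, far less than storing or re-reading the file, which matches the efficiency requirement stated in the introduction.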
System model
The proposed blockchain-based publicly verifiable data deletion scheme consists of three entities: the data owner, the cloud server, and the timestamp server. The architecture of the scheme is shown in Fig. 3.
- The data owner is the entity that wants to upload and store data on the remote cloud to reduce the burden of managing it locally. The uploaded file is owned only by the data owner. Moreover, when he does not
High description
In this paper, we consider the secure data deletion model in cloud computing, which is similar to that of Hao et al. (2016) and Luo et al. (2016). In this scenario there is a trust problem between the data owner O and the cloud server S: O does not believe that S deletes the file sincerely at his request. To solve this trust problem, researchers in both academia and industry have made great efforts and proposed many schemes. In the previous literature, many solutions introduced a
Security analysis
In this section, we analyze the security of the secure data deletion protocol proposed in this paper. As mentioned before, we assume that the data owner O does not fully trust the cloud server S. Besides, we also consider a malicious data owner O who colludes with S to delete data illegally. Theorem 1. The proposed data deletion scheme satisfies the property of correctness. Proof. If the cloud server S is assumed to be honest and deletes the data sincerely, then the evidence is .
Conclusion
In this paper, we propose a new publicly verifiable data deletion scheme for cloud storage based on Blockchain. In the proposed scheme, the data owner O and the cloud server S do not fully trust each other. Unlike existing schemes, we adopt the Blockchain system to guarantee that a data owner O can detect the cheating whenever a dishonest S behaves malevolently. Besides, if S is malicious and cheats O, then O can prove that S is dishonest by verifying the proof of deletion
Acknowledgement
This work was supported by the National Natural Science Foundation of China (Nos. 61572382, 61772405 and 61702401), the China 111 Project (No. B16037), and the Natural Science Basic Research Plan in Shaanxi Province of China (No. 2016JZ021).
References (37)
- Buyya, R., et al., 2009. Cloud computing and emerging IT platforms: vision, hype, and reality for delivering computing as the 5th utility. Future Gener. Comput. Syst.
- et al., 2018. Bitcoin-based fair payments for outsourcing computations of fog devices. Future Gener. Comput. Syst.
- Miao, M., et al., 2017. Publicly verifiable databases with efficient insertion/deletion operations. J. Comput. Syst. Sci.
- et al., 1993. Improving the efficiency and reliability of digital time-stamping. Seq. II: Methods Commun. Secur. Comput. Sci.
- Boneh, D., Lipton, R.J., 1996. A revocable backup system. In: Proceedings of the Sixth USENIX Security Symposium, ...
- Cachin, C., Haralambiev, K., Hsiao, H.C., Sorniotti, A., 2013. Policy-based secure deletion. In: The 2013 ACM SIGSAC ...
- Chen, X., et al., 2015. New publicly verifiable databases with efficient updates. IEEE Trans. Dependable Secur. Comput.
- Chen, X., et al., 2014. New algorithms for secure outsourcing of modular exponentiations. IEEE Trans. Parallel Distrib. Syst.
- Chen, X., et al., 2016. Verifiable computation over large database with incremental updates. IEEE Trans. Comput.
- Diesburg, S.M., Wang, A.A., 2010. A survey of confidential data storage and deletion methods. ACM Comput. Surv.
- Garfinkel, S.L., Shelat, A., 2003. Remembrance of data passed: a study of disk sanitization practices. IEEE Secur. Priv.
- How to time-stamp a digital document. J. Cryptol.
- Hao, F., et al., 2016. Deleting secret data with public verifiability. IEEE Trans. Dependable Secur. Comput.
- Hughes, G.F., et al., 2009. Disposal of disk and tape data by secure sanitization. IEEE Secur. Priv.
Cited by (135)
- PPFchain: A novel framework privacy-preserving blockchain-based federated learning method for sensor networks. 2023, Internet of Things (Netherlands)
- RVC: A reputation and voting based blockchain consensus mechanism for edge computing-enabled IoT systems. 2023, Journal of Network and Computer Applications
- A BIPMU-based network security situation assessment method for wireless network. 2023, Computer Standards and Interfaces
- Adrestus: Secure, scalable blockchain technology in a decentralized ledger via zones. 2022, Blockchain: Research and Applications. Citation excerpt: “Thus, it eliminates the chance of malicious changes to the intermediate blocks in the ledger. Furthermore, the blockchain solution is used in the implementation of cryptocurrencies, which can lower transaction costs of payments and handle them in a more transparent and automated way [11]. This can be achieved by removing the middleman, i.e., banks, which do the job of recording users' transactions and establishing a tamper-proof digital platform for storing and sharing data with users' privacy.”
- Emerging Trends in Blockchain Technology and Applications: A Review and Outlook. 2022, Journal of King Saud University - Computer and Information Sciences
- Provable data deletion from efficient data integrity auditing and insertion in cloud storage. 2022, Computer Standards and Interfaces. Citation excerpt: “However, many of these protocols mainly pay attention to proof of outsourced data integrity without involving the requirements of data insertion and data deletion. Hao et al. [12] and Yang et al. [13] declare that it is impossible to achieve data deletion by utilizing software-based methods unless thoroughly destroying the physical mediums absolutely. Many studies utilize cryptography to realize provable data deletion, in which all of the files are encrypted before outsourcing to the remote cloud server, and then data owners delete the files by destroying the related data decryption keys.”