| Summary: | Cloud storage provides an inexpensive and effective means for the storage and management of images, which in turn occupy a huge proportion and are usually stored in an archived mode. Considering the security and efficiency requirements of cloud images, an efficient real-time integrity audit scheme is in urgent need. However, existing solutions cannot be directly applied since they do not take the characteristics of cloud images into account and thus take enormous computations, communications, and storage to generate, transfer, and store authentication data. Moreover, the result of auditing cannot be used as evidence to prove the guilt of cloud service provider since the verifier whom is specified by the client may hide its misbehavior. Reversible watermarking is a potential way to achieve lightweight real-time audit for cloud images without introducing permanent distortion. Nevertheless, existing algorithms cannot provide stable capacity for authentication data of fixed length. In addition, it entails security problems once it is used to solve the fairness problem. This paper proposes an efficient real-time integrity audit scheme specific to cloud images with fair arbitration support. The scheme is based on the presented adaptive reversible watermarking algorithm which provides a fixed embedding capacity for images to embed authentication data. To address fairness problem under the proposed mechanism, we adopt Diffie-Hellman key exchange scheme to design a new challenge-response protocol under the established simplified consensus mechanism, so that replay attack resistance and privacy-preserving fair arbitration are achieved. The security analysis and performance evaluation show that the proposed scheme has provable security and greatly enhanced efficiency comparing with the state of the art.
|
|---|
