International Journal of Engineering and Technical Research (IJETR)

ISSN: 2321-0869 (O) 2454-4698 (P), Volume-5, Issue-2, June 2016

Data Auditing Using Proof of Retrievability and

Recovery in Cloud Computing
Miss.Prachiti Karandikar, Prof. Dr.Pradeep K.Deshmukh

Abstract Cloud computing is a way to increase capabilities

without investing in infrastructure as well as licensing cost on
new software. Users are storing data on cloud storage with the
expectation that data should be accessible, consistent and
correct. While using cloud storage data reliability and integrity
are major problems that need to face. Cloud Service Provider
(CSP) can modify or delete data which either takes large Fig.1.Advanced view of Integrity
memory space or unused by client from a long time. Hence, some
technique is needed for checking the data periodically for its Amazon, Microsoft, EC2, Google and are some famous cloud
integrity. To overcome this problem, proof of retrievability storage service providers that have attracted users to use
scheme is proposed here. It includes use of TPA along with CSP. cloud storage. Users are enjoying use of these services due to
TPA preprocesses the data and check data integrity reducing ease of access to their data which is hosted on another
computational burden at client side. Also if the file is changed or infrastructure.
deleted then recovery of original file is done with the help of With increased use of Internet technologies, the major
distributed servers. obstacle is to preserve the originality of data. Difficulty of
outsourced data may also be depend on the way by which the
Index Terms Cloud computing, data security, data data owner find an effective solution to participate in frequent
integrity, Proof of retrievability. checking for integrity of data without the neighborhood
reproduction of data documents.Fig.1 shows the advanced
view of Integrity.
I. INTRODUCTION Users need to verify that their data remain as they stored on
Cloud computing, is on-demand computing. Cloud computing cloud. Because data stored on cloud can easily be lost or
is a useful resource where we can store all our data in order corrupted due to human errors and hardware and software
that some applications and software can get full advantages by failures. Also data can be changed or deleted by malicious
making use of this technology without any server and regional cloud storage server. Traditionally entire data was retrieved
hard disk for our data storage. Registration of user to the from cloud and cryptographic techniques, hash values are
cloud server or to the third party which provide the cloud used for integrity verification. Many schemes and researches
service is needed. Privacy of the information and security has have been done. Schemes fall into a) Private verifiability b)
to be considered. Day by day community bandwidth is Public verifiability.
growing .Due to this bandwidth and riskless but flexible Private verifiability means data owner can verify integrity of
network connections users can now use high pleasant their outsourced data. It provides higher efficiency but
offerings from information and program located at remote increases computational overhead at client side.
information centers. Public verifiability allows anyone to check the integrity of
data. For this third party auditor is used which alleviates
There are many advantages of cloud over local storage. Cloud clients from performing lots of computation.
server provides facility to store users data on a cloud. So In cloud computing data is uploaded as well as updated by
customers can add their information on cloud and can access clients.
it without any additional burden of time, location, and cost. Many integrity verification schemes only focus on static data.
Scheme proposed here provide public verifiability as well as
dynamic data operation.
Framework contains four parties Clients, third party auditor
(TPA), Cloud storage server (CSS) and Distributed Server
(DS).
Manuscript received.
Miss.Prachiti M. Karandikar, Computer Science and Engineering,
Savitribai Phule Pune University/ Rajarshi Shahu College of II. RELATED WORK
Engineering/JSPM,Pune,India,8421595167,(e-mail:prachitimkarandikar@
gmaill.com). In [1] new scheme is proposed to check the integrity of
outsourced data. TPA is offered to scale down the
Dr.P.K.Deshmukh, Computer Science and Engineering, Savitribai computational burden of client. TPA does the task of auditing
Phule Pune University / Rajarshi Shahu College of Engineering / JSPM,
the data by challenging the CSS. Scheme provides public
Pune, India,9922266346 ,(e-mail:pkdeshmukh9@gmaill.com).
. verifiability along with dynamic data operation. This PoR
model provides safety against the reset attacks launched by

191 www.erpublication.org
 Data Auditing Using Proof of Retrievability and Recovery in Cloud Computing

cloud storage server within the upload phase.TPA stores the Scheme proposed in Paper [6] provides provable security and
tag of file to be uploaded and use these tags to check integrity. desirable efficiency simultaneously. Two servers are used.
Particularly one for auditing and another for data storing.
In [2] authors defined a PDP model. It gives probabilistic Third party Auditor (TPA) is used for auditing purpose. TPA
proof that third party stored a file. User can access small screens information stored in cloud storage as well as
blocks of file for producing the proof. Challenge and response transactions between data owner and cloud storage server
method is used in this technique. Some constant amount of (CSS). Public verifiability is provided. All the Computation is
metadata of clients data is stored at client side. Locally stored done by server instead of client. This leads to reduction of
metadata is used to verify proof which is given by server computational overhead at client side. Security of this scheme
.Client gives challenge to server for proving possession and is analyzed under variant of [2] which supports public
wait for response. Server then computes and sent proof to verifiability. This is the game between challenger C (client)
client. Metadata is used to check correctness of response. and storage server (adversary A) played to get proof of
RSA based Homomorphic variable tags are used to achieve retrievability from Adversary A. If proof is valid for fraction
goal. PDP accesses random sets of blocks and samples of challenges, client can extract the file F.
servers storage. Limitation of PDP is it gives only
probabilistic proof not a deterministic proof. It cannot support In this paper [7], author tends to propose a secure cloud
dynamic data possession. storage system supporting privacy- preserving open auditing.
Author tend to any extend their result to modify the TPA to
In [3] a new scheme known as proof of retrievability (POR) is perform audits for various users simultaneously and with
proposed. Using this scheme, verifier (user) can determine effectiveness. Inside and out security and performance
that whether Prover (server) hacked his file or not. Scheme analysis show the arranged schemes area unit indisputably
uses sentinels (called disguised blocks). Sentinels are hidden secure and amazingly economical.
among usual file blocks for detecting data amendment by way
of the server. Verifier challenges prover by specifying
locations where sentinels are collected and asking to return III. ISSUES
associated value. Values are compared then to check integrity Implementations of all these aforementioned algorithms in
of data. In this approach single cryptographic key is computed Section II provide solutions that fulfill many requirements
and stored by verifier. Key is computed using keyed hash such as high scheme efficiency, stateless verification, and
algorithm. Error resiliency of their system is improved due to retrievability of data. Some provide public verifiability and
error correction codes. This scheme increases larger storage some provide private verifiability. Another major concern is
requirement and computational overhead on prover. support of dynamic data operation. In cloud storage the
outsourced information no longer only accessed however
In [4] authors proposed new technique to obtain PoR. Two update by way of clients additionally. Regrettably, existing
schemes are proposed here. Pubic verifiability is implemented work ordinarily center of attention on static information
in first scheme. Here shortest query response of any POR is documents. Dynamic data only addressed in [4]. Also all
obtained which is secure in the random oracle model. Second above work only provide information about file is corrupted
scheme provides shortest response with private retrivability. or not. We propose a framework which provides public
It is secure in the standard model. Two homomorphic verifiability, dynamic data support along with recovery of
authenticators are used. First is based on PRFs and second corrupted file.
based on BLS signature. Only one authentication value is
allowed in both schemes. Here, erasure encoded file is broken
up into n blocks by user. Each file block is accompanied by IV. PROBLEM STATEMENT
way of authenticators of equal size. Use of BLS signature give
smaller sized proof as compared with RSA. It also accept
higher error rate. But this scheme still works on static data No existing scheme can provide public verifiability and
only; dynamic data update is not supported. dynamic data operations simultaneously. To overcome this
We propose a Proof of Retrievability (PoR) construction
In [5] PDP model is expanded. Verifiable updates on which provides public verifiability, dynamic data operation
stored data are provided. It makes use of new variation of and recovery for corrupted files.
authenticated dictionaries. These dictionaries are centered on
rank knowledge. Rank knowledge is used for organizing
dictionary entries. To check the integrity of file blocks, V. IMPLEMENTATION DETAILS
authentication skip list is used. Untrusted server stores File F This Framework contain three parties Clients, third party
and its skip list. Root metadata is stored at client side. File f is auditor (TPA), Cloud storage server (CSS), Distributed
divided into blocks. Client issues question atRank (i) to the servers (DS)
server when he desires to verify integrity of block I. Server
then computes tag T (i) as its proof and send to client. Clients
compare proof given by server with stored metadata and
check for integrity. Also to update the data client issue atRank
(i) (for insertion) and atRank (i-1) (for deletion).It does not
allow for public variability of the stored data.

192 www.erpublication.org
 International Journal of Engineering and Technical Research (IJETR)
ISSN: 2321-0869 (O) 2454-4698 (P), Volume-5, Issue-2, June 2016
2. Upload : This is two step process

A. System Model Step 1: Client uploads file F to TPA.

Encryption
Upload (K, F) (F*)
TPA generates tag using hash function and
signs on it. Hash values are stored and receipt is sent
back to client

Step 2: TPA uploads file F to CSS

Upload (F*, t) (F*)

Where t=sig (h (F))
TPA sends file with tag to CSS.

3. INTEGRITY VERIFICATION
Client through TPA or TPA directly challenges
CSS for integrity verification by sending query for
file (which needs to be verified).CSS sends file as
proof to TPA.TPA checks for integrity.
V (t,)

Fig. 2 System Architecture

P (F*, t)
} 1 if F* passes verification
0 if F* fails verification
4. UPDATE
Client: Client has large data files for outsourced on cloud. Data modification, data insertion and data
Also depend on cloud for maintenance and computation of deletion is done.
data. Client can be either any organization or an individual. After updation also, CSS have to pass
integrity verification
Third party auditor (TPA): It is trusted third party which can
expose the risk of cloud storage services on behalf of client. In V (tu, update)
this system TPA generates tag for data in file before
uploading it to cloud storage server.
P (Fu*, tu)
} t if Fu* passes updation
0 if Fu* fails updation
Cloud storage server(CSS):This entity is managed by Cloud 5. RECOVERY
service Provider (CSP).It has computation resource and If File fails verification test, it means that file is
storage space for maintenance of clients data.CSS have to corrupted so client can go for recovery to get his original file.
provide integrity proof during integrity verification phase. Client requests TPA to recover his file and TPA messages to
DS for recovery.
Distributed Servers (DS): These servers are used to store Reco (F*, t)
another copy of data stored on CSS. To recover the corrupted Request (t) Recovered file Fr*
file, data backed up on DS is used Again verification is done on recovered file.
B. Security Model
When client thinks of checking originality of his data, he
simply challenges the cloud storage server .Client can request D. Algorithm
to TPA integrity checking of any file block which is stored at
cloud storage server.TPA forwards challenge to storage AES Encryption
server and storage server response with proof in the form of
hash values. TPA equates the received hash of file block form The AES algorithm is a symmetric block cipher used to
proof with hash values stored in his database. If the hash Encrypt (encipher) and decrypt (decipher) information. It
matches, it sends response to client, which show that the uses the same key for encrypting and decrypting, so both the
requested file stored on CSS is not corrupted otherwise it is sender and receiver must know and use of same secret key.
corrupted. If the file is corrupted then TPA recovers file with AES as well as most encryption algorithms is reversible. The
the help of Distributed servers. TPA orders CSS for recovery AES algorithm operates on bytes, which makes it simpler to
of corrupted file using distributed servers. Distributed servers implement and explain. AES is an iterated block cipher means
are used for backup of original files. that the same operations are performed many times on a fixed
number of bytes.
C. System Phases
1. Setup:
This is key generation phase.
Setup (security Parameter) Key K

193 www.erpublication.org
 Data Auditing Using Proof of Retrievability and Recovery in Cloud Computing

1. M and N selects appropriately safe and large Prime Pr.

Also chooses the hash function H().

2. M and N settle on a share password .

3. M and N both build G=H (2) mod Pr.

4. M picks a secret random integer A, then sends N,

Ga mod Pr.

5. N picks a secret random integer B, then sends M,

Gb mod Pr.

6. M and N each terminate if their received values are not in

the range [2, Pr-2] to avoid small subgroup confinement
attack

7. M computes K= (G a mod Pr) mod Pr.

8. M computes K= (G b mod Pr) mod Pr.

RECOVERY
Fig. 3 AES Encryption and Decryption

If file corruption have been detected then

SHA1 1. TPA requests original file from one of the
distributed server
SHA1 is a message digest algorithm .It takes as a input a 2. Applies hashing and stores hash values.
Message and produces as output 160-bit hash value. . 3. TPA sends recovered data to cloud storage server.
SHA1 algorithm is 6-step process 4. CSS stores the new recovered file.
i. Padding of 1000,
ii. Appending message length,
iii. Preparing 80 process functions, E. Mathematical Model
iv. 80 constant, Let W is the Whole System Consist of W= {I, P, O, S, F}
v. Preparing 5 word buffers, Where,
vi. Processing input in 512 blocks. I input, P-Procedure, S-Success, F-Failure
Both the transmitter and intended receiver of a message in Input (I):
Computing and verifying a Digital signature uses the SHA1. I= {F}
It is computationally not feasible to find a message which Where F is Collection of files to be stored on cloud
corresponds to a given message digest when we use SHA1. server
Also task of finding two different messages which produce F= {f1, f2, FN}
the same message digest is hard. Any change to a message
result in a different message digest, and the signature will fail Procedure (P):
to verify. P={S, Up, HT n, HC n , Ud,R}
Where,
SPEKE 1. Setup (Key generation)
S= {K1, K2, .Kn} Where, K is the set of keys
generated.
SPEKE stops man in the middle attack by the integration of
the password. An invader who is superior to recite and alter
Setup (security Parameter) Key K
all messages between m and N cant discover the shared key
K and cant make deduce more than one password in each
2. Upload
interaction with a party who knows that.
All messages between M and N cant discovered shared key K Up= {Up1, Up2, Upn} Where Up is the set of files
And cant deduce more than one password in each interaction uploaded to cloud storage.
with a party who knows that.
Ek (F, K) UPI
F is encrypted and stored to cloud server.

3.Integrity verification using hash values

194 www.erpublication.org
 International Journal of Engineering and Technical Research (IJETR)
ISSN: 2321-0869 (O) 2454-4698 (P), Volume-5, Issue-2, June 2016
SHA1(F*) H
HT = { HT1, HT2, ., HTn }
where HTn is set of hash values stored at TPA.
Hc = { Hc1, Hc1 , ., HC1}
where HC n is set of hash values stored at cloud
storage server.
Equal (HT i , Hc i) =
} 1 if F* passes verification
0 if F* fails verification
4. Update
Ud= {Ud1, Ud2Udn} where Ud is the set of files
to be updated
5. Recovery Fig. 5.Time cost for original file download and download
with recovery.

Figure .5. depicts the time required for "original file

download" and 'download after doing recovery. Experiments
VI. EXPERIMENTAL SETUP shows that our system requires bit extra time for 'download
after recovery' than original file download. This feature
The system is built using Java framework (version improves fault tolerance of the system within near about same
jdk1.8) on Windows platform. The eclipse is used as a time.
development tool. The system doesnt require any specific ( 'Original file download' means time required for normal
hardware to run; any standard machine is capable of running download of file when file is available at cloud server.
the application. The system analysis is carried out on datasets 'Download after recovery' means time required to download
consisting of files. file when it is deleted from cloud server and recovered using
copy on another distributed server.)

VII. RESULTS AND DISCUSSION

In this section we will provide a thorough experimental VIII. CONCLUSION
evaluation of the construction proposed. Existing system only An integrity verification scheme is proposed here which gives
provides information about whether the outsourced file is an idea of asking proof of retrievability for cloud storage.
corrupted or not. This system provides recovery for deleted Also feature for recovery of corrupted data is introduced.
file. Dynamic data operations are provided for user to update
Fig. 4 depicts the comparison of time required for tag the data on cloud easily instead of uploading whole file again.
generation and verification. Verification time is less than tag Here a third party auditor is presented for the purpose of
generation time because tag generation is required for whole preprocessing, uploading the data on cloud storage server and
file but for verification, comparison of some part of file is recover the corrupted data behalf of client. The third party
sufficient. auditor performs the data integrity verification of the
outsourced data upon the client's request. Use of TPA scales
down the computational burden for tag generation on client.
Result analysis conclude that 'To Recover and download'
doesn't require much more time than "download of original
file" so this feature improves fault tolerance of the system
within near about same time.

ACKNOWLEDGMENT
The authors would like to thank the researchers as well as
publishers for making their resources available and teachers
of RSCOE, Computer Engineering for their guidance. We are
also thankful to the reviewer for their valuable suggestions.
We also thank the college authorities for providing the
required infrastructure and support.
Fig. 4. Time for tag generation and verification

195 www.erpublication.org
 Data Auditing Using Proof of Retrievability and Recovery in Cloud Computing

REFERENCES Prof.Dr. Pradeep K. Deshmukh.

Prof. Dr. Pradeep K. Deshmukh received
M.E, PhD in Computer Sci. and Engg.
[1] J.Li,X.Tan.XChen and D.S.Wong,OPoR : Enabling He is currently working as Professor in
proof of retrievability in cloud computing with Resource computer engg. department, JSPM's
constrained Devices, IEEE transactions on cloud RSCOE, Pune. He has 24 years of
computing on volume:XX No:2015
[2] G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. teaching experience. His area of interests
Kissner, Z. Peterson, and D. Song, Provable data is Cloud Computing, Network Security
possession at untrusted stores, in CCS 07: Proceedings and operating system.
of the 14th ACM conference on Computer and
communications security. New York, NY, USA: ACM,
2007, pp. 598609.
[3] A. Juels and B. S. K. Jr., Pors: proofs of retrievability
for large files, in CCS 07: Proceedings of the 14th
ACM conference on Computer and communications
security. New York, NY, USA:ACM, 2007, pp.
584597.
[4] H. Shacham and B. Waters, Compact proofs of
retrievability,in ASIACRYPT 08: Proceedings of the
14th International Conference on the Theory and
Application of Cryptology and Information Security.
Berlin, Heidelberg: Springer-Verlag, 2008, pp. 90107.
[5] C.Erway,A.Kupcu,C.Papamanthou, and R.Tamassia,
Dynamic provable data possession,cryptography e print
archive,Report2008,432,2008/432,2008,http://eprint.iac
r.org/ .
[6] J.Li,X.Tan.XChen and D.S.Wong,An efficient proof of
retrievability with public auditing in cloud
computing,in/NCoS,2013,pp,93-98
[7] C.Wang,Q.Wang,K.Ren,and W.Lou,Privacy preserving
public auditing for data storage security in cloud
computing,in INFOCOM,2010 Proceedings IEEE.
IEEE,2010 pp.1-9.
[8] E.-C.Chang and J.Xu,Remote integrity check with
dishonest servers,in preceedings of ESORICS 2008
,volume 5283 of LNCS.springer-verlag,2008,pp. 223
-237
[9] Q.Zheng and S.Xu,Fair and dynamic proofs of
retrievability, in CODASPY,2011,pp.237-248
[10] C.Wang,Q.wang and K.Ren,Ensuring data storage
security in cloud computing,in preceedings of IWQoS
2009,Charleston,USA 2009

About Author
Ms.Prachiti M. Karandikar.
Ms.Prachiti Karandikar is currently
pursuing ME degree in computer
science technology from Rajarshi
shahu college of engineering,Pune.
Completed B.E degree in information
Technology from Bharati Vidyapeeth
College of Engineering,Kolhapur
under the Shivaji University, Kolhapur
in Jun 2013. She has teaching experience of one year. Her
area of interest is Cloud Computing,SQL.

196 www.erpublication.org