Open Access

ARTICLE

Towards Public Integrity Audition for Cloud-IoT Data Based on Blockchain

Hao Yan^1,2, Yanan Liu¹, Shuo Qiu¹, Shengzhou Hu³, Weijian Zhang^4,*, Jinyue Xia⁵

1 School of Network Security, Jinling Institute of Technology, Nanjing, 211169, China
2 Fujian Provincial Key Laboratory of Network Security and Cryptology, Fujian Normal University, Fuzhou, 350007, China
3 Department of Mathematics and Computer Science, Gannan Normal University, Ganzhou, 341000, China
4 Network Security and Information Office, Hohai University, Nanjing, 210098, China
5 International Business Machines Corporation (IBM), New York, NY, USA

* Corresponding Author: Weijian Zhang. Email:

Computer Systems Science and Engineering 2022, 41(3), 1129-1142. https://doi.org/10.32604/csse.2022.022317

Received 03 August 2021; Accepted 04 September 2021; Issue published 10 November 2021

Abstract

With the rapidly developing of Internet of Things (IoT), the volume of data generated by IoT systems is increasing quickly. To release the pressure of data management and storage, more and more enterprises and individuals prefer to integrate cloud service with IoT systems, in which the IoT data can be outsourced to cloud server. Since cloud service provider (CSP) is not fully trusted, a variety of methods have been proposed to deal with the problem of data integrity checking. In traditional data integrity audition schemes, the task of data auditing is usually performed by Third Party Auditor (TPA) which is assumed to be trustful. However, in real-life TPA is not trusted as people thought. Therefore, these schemes suffer from the underlying problem of single-point failure. Moreover, most of the traditional schemes are designed by RSA or bilinear map techniques which consume heavy computation and communication cost. To overcome these shortcomings, we propose a novel data integrity checking scheme for cloud-IoT data based on blockchain technique and homomorphic hash. In our scheme, the tags of all data blocks are computed by a homomorphic hash function and stored in blockchain. Moreover, each step within the process of data integrity checking is signed by the performer, and the signatures are stored in blockchain through smart contracts. As a result, each behavior for data integrity checking in our scheme can be traced and audited which improves the security of the scheme greatly. Furthermore, batch-audition for multiple data challenges is also supported in our scheme. We formalize the system model of our scheme and give the concrete construction. Detailed performance analyses demonstrate that our proposed scheme is efficient and practical without the trust-assumption of TPA.

---

Keywords

---