Dynamic Provable Data Possession

TitleDynamic Provable Data Possession
Publication TypeConference Papers
Year of Publication2009
AuthorsErway C, Küp\ccü A, Papamanthou C, Tamassia R
Conference NameCCS '09 Proceedings of the 16th ACM Conference on Computer and Communications Security
Date Published2009///
ISBN Number978-1-60558-894-0
Keywordsauthenticated data structures, Authentication, integrity checking, outsourced storage, proof of retrievability, provable data possession, skip list

We consider the problem of efficiently proving the integrity of data stored at untrusted servers. In the provable data possession (PDP) model, the client preprocesses the data and then sends it to an untrusted server for storage, while keeping a small amount of meta-data. The client later asks the server to prove that the stored data has not been tampered with or deleted (without downloading the actual data). However, the original PDP scheme applies only to static (or append-only) files. We present a definitional framework and efficient constructions for dynamic provable data possession (DPDP), which extends the PDP model to support provable updates to stored data. We use a new version of authenticated dictionaries based on rank information. The price of dynamic updates is a performance change from O(1) to O(logn) (or O(nεlog n), for a file consisting of n blocks, while maintaining the same (or better, respectively) probability of misbehavior detection. Our experiments show that this slowdown is very low in practice (e.g. 415KB proof size and 30ms computational overhead for a 1GB file). We also show how to apply our DPDP scheme to outsourced file systems and version control systems (e.g. CVS).