Abstract: Computing applications and data are growing so rapidly that increasingly larger servers and data centre are needed for fast processing within the required time. A fundamental shift in the way Information Technology (IT) and computing services are being delivered and purchased, results in the development of cloud computing. Currently, there has been an increasing trend in outsourcing data to remote cloud, where the people outsource their data at Cloud Service Provider(CSP) who offers huge storage space with low cost. Thus users can reduce the maintenance and burden of local data storage. Meanwhile, once data goes into cloud they lose control of their data, which inevitably brings new security risks toward integrity and confidentiality. Hence, efficient and effective methods are needed to ensure the data integrity and confidentiality of outsource data on entrusted cloud servers. However, Cloud computing requires that organizations trust that a service provider’s platforms are secured and provide a sufficient level of integrity for the client’s data. In this paper, we propose an efficient and secure protocol to address these issues. Our design is based on Elliptic Curve Cryptography and Sobol Sequence (random sampling). Our method allows third party auditor (TPA) to periodically verify the data integrity stored at CSP without retrieving original data. The challenge-response protocol transmits a small, constant amount of data, which minimizes network communication. Most importantly, our protocol is confidential: it never reveals the data contents to the malicious parties. The proposed scheme also considers the dynamic data operations at block level while maintaining the same security assurance. To compare with existing schemes, our scheme is more secure and efficient.

Keywords: Data storage, Integrity, Confidentiality, Elliptic Curve Cryptography (ECC), Sobol Sequence, Cloud Computing, TPA, CSP.