
Journal of Mathematical Cryptology

Volume 12, Issue 4


Multi-prover proof of retrievability

Maura B. Paterson
  • Department of Economics, Mathematics and Statistics, Birkbeck, University of London, Malet Street, London WC1E 7HX, United Kingdom

Douglas R. Stinson
  • Corresponding author
  • David R. Cheriton School of Computer Science, University of Waterloo, Waterloo, ON, N2L 3G1, Canada

Jalaj Upadhyay
Published Online: 2018-09-20 | DOI: https://doi.org/10.1515/jmc-2018-0012


There has been considerable recent interest in “cloud storage”, wherein a user asks a server to store a large file. One issue is whether the user can verify that the server is actually storing the file, and typically a challenge-response protocol is employed to convince the user that the file is indeed being stored correctly. The security of these schemes is phrased in terms of an extractor which will recover the file given any “proving algorithm” that has a sufficiently high success probability. This forms the basis of proof-of-retrievability (PoR) systems. In this paper, we study multiple-server PoR systems. We formalize security definitions for two possible scenarios: (i) a threshold of servers succeeds with high enough probability (worst case), and (ii) the average of the success probability of all the servers is above a threshold (average case). We also motivate the study of confidentiality of the outsourced message. We give multi-prover PoR (MPoR) schemes which are secure under both these security definitions and provide reasonable confidentiality guarantees even when there is no restriction on the computational power of the servers. We also show how classical statistical techniques previously used by us can be extended to evaluate whether the responses of the provers are accurate enough to permit successful extraction. We also look at one specific instantiation of our construction, using the unconditionally secure version of the Shacham–Waters scheme; this scheme gives reasonable security and privacy guarantees. We show that, in the multi-server setting with computationally unbounded provers, one can overcome the limitation that the verifier needs to store as much secret information as the provers.

Keywords: Proof of retrievability; multiple users; secret sharing

MSC 2010: 94A60
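
As an added illustration (not code from the paper or its authors), the sketch below runs a keyed linear-tag audit in the style of the unconditionally secure Shacham–Waters scheme against three servers, then evaluates the worst-case and average-case criteria named in the abstract on the measured pass rates. Assumptions: each server stores a full tagged copy rather than a share, each block is one field element, and the modulus, the thresholds `tau` and `eta`, and all function names are constructed here.

```python
import random

P = 2**61 - 1  # prime field modulus (constructed parameter)

def keygen(n, rng):
    # Verifier's secret: scalar a plus one mask b_i per block (seeded RNG for
    # a reproducible demo; real keys come from a CSPRNG such as `secrets`).
    return rng.randrange(1, P), [rng.randrange(P) for _ in range(n)]

def tag_file(blocks, key):
    a, b = key
    return [(a * m + bi) % P for m, bi in zip(blocks, b)]  # t_i = a*m_i + b_i

def challenge(n, k, rng):
    # k distinct block indices, each with a nonzero random coefficient c_i
    return [(i, rng.randrange(1, P)) for i in rng.sample(range(n), k)]

def respond(store, chal):
    blocks, tags = store  # what this server actually holds
    mu = sum(c * blocks[i] for i, c in chal) % P
    sigma = sum(c * tags[i] for i, c in chal) % P
    return mu, sigma

def verify(key, chal, resp):
    (a, b), (mu, sigma) = key, resp
    return sigma == (a * mu + sum(c * b[i] for i, c in chal)) % P

def success_rate(key, store, n, k, trials, rng):
    # Empirical fraction of audits passed: a point estimate only
    passed = sum(verify(key, ch, respond(store, ch))
                 for ch in (challenge(n, k, rng) for _ in range(trials)))
    return passed / trials

def worst_case_ok(rates, tau, eta):   # at least tau servers reach eta
    return sum(r >= eta for r in rates) >= tau

def average_case_ok(rates, eta):      # mean success rate reaches eta
    return sum(rates) / len(rates) >= eta

def demo(seed=1):
    rng = random.Random(seed)
    n, k, trials = 16, 2, 400
    blocks = [rng.randrange(P) for _ in range(n)]  # constructed file
    key = keygen(n, rng)
    tags = tag_file(blocks, key)
    one_bad = [(blocks[0] + 1) % P] + blocks[1:]   # one block altered
    all_bad = [(m + 1) % P for m in blocks]        # every block altered
    stores = [(blocks, tags), (one_bad, tags), (all_bad, tags)]
    return [success_rate(key, s, n, k, trials, rng) for s in stores]
```

`demo()` returns the pass rates for an intact copy, a copy with one altered block, and a fully altered copy; with `tau=2, eta=0.75` the worst-case criterion holds while the average-case one does not.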



About the article

Received: 2018-03-17

Revised: 2018-07-03

Accepted: 2018-08-10

Published Online: 2018-09-20

Published in Print: 2018-12-01

Citation Information: Journal of Mathematical Cryptology, Volume 12, Issue 4, Pages 203–220, ISSN (Online) 1862-2984, ISSN (Print) 1862-2976, DOI: https://doi.org/10.1515/jmc-2018-0012.

© 2018 Walter de Gruyter GmbH, Berlin/Boston.