S-Audit: Efficient Data Integrity Verification for Cloud Storage

Commercial cloud storage services are being widely adopted. The most common integrity verification methods for data stored remotely are based on cryptographic hashes and digital signatures. These allow checking that the data has not been tampered while stored in the cloud. However, both require downloading all the data before doing the verification, with significant time and monetary costs. This paper presents S-AUDIT, a service that provides integrity verification of data stored in commercial clouds. S-AUDIT uses homomorphic authentication with digital signatures to avoid retrieving the protected data from the cloud. The service was integrated with a cloud-backed file system called SCFS to show how it can be used in practice. Our experimental evaluation shows that using S-AUDIT is 7.1% cheaper than using RSA signatures when the integrity of the data is verified monthly, and 34.9% when verified weekly, in a typical setting.