Abstract

In cloud storage, public auditing is a more popular data integrity verification technique since it allows users to delegate auditing tasks to a fully trusted third-party auditor (TPA). However, it is difficult to find such a TPA in practical application. Besides, the centralised auditing model makes TPA have to bear burdensome work pressure, which limits the practicability of existing schemes. In this paper, we firstly proposed a blockchain-based generalised shared auditing mechanism BCSA in the cross-user scenario, which aims at achieving available public auditing with a non-fully trusted TPA, and reducing the user's auditing fees and TPA's work pressure by allowing data users to share their auditing procedure with others. Furthermore, we initialise a concrete construction BCSAD with Diffie–Hellman protocol for the cross-user auditing scenario with different data. Likewise, we also propose a novel construction BCSAI for the cross-user auditing scenario with identical data, which utilises a password-authenticated key exchange (PAKE) protocol to achieve shared auditing and ciphertext deduplication, reducing data storage and auditing fees for data users and alleviating service pressure on the cloud server and TPA. Security and performance analysis evaluate the practicability of the proposed scheme.