Designing attribute-based verifiable data storage and retrieval scheme in cloud computing environment

The cloud computing technology is a novel storage and computing paradigm that enables individuals and organizations to store data, share data with intended group of users and retrieve data when require. It greatly improves peoples’ data storage and sharing, and data retrieval capabilities by providing flexible, less expensive and quality services. For data security and privacy concerns, secure and authenticated data storage, fine-grained access control of encrypted data, secure search for the outsourced data and search results verification are of critical importance. However, achieving the aforementioned functionalities simultaneously is quite challenging. In this paper, for the first time, we propose a secure lightweight Attribute-Based verifiable Data Storage and data Retrieval Scheme (ABDSRS) for cloud environments that attains the following features: (i) lightweight design, (ii) provably secure, (iii) fine-grained data access control, (iv) data owner (DO) anonymity, (v) data and DO authenticity, (vi) keyword policy search over encrypted data, (vii) keyword privacy, and (viii) search results verification. ABDSRS employs attribute-based online-offline mechanism in which only authorized DOs can anonymously upload data to the cloud. And, a data user (DU) can search over encrypted data using keyword policy. ABDSRS enables a DU to verify the correctness of the search results (i.e., the correctness of the operations performed by the cloud) without interacting with any authority. ABDSRS is lightweight in the sense that the heavy computations are offloaded either to the cloud or to offline phase, while only lightweight operations are executed at the DU device. We formalize more general security definitions of ABDSRS by considering various possible adversarial capabilities and present rigorous security analysis. We also conduct experiments to evaluate ABDSRS's performance.