CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Do You Have My Data? Prove it! (Provable Data Possession at Untrusted Stores)

Reza Curtmola - Purdue University

Oct 03, 2007


Faced with cost and regulatory considerations, many companies are
outsourcing the storage of their data to third parties. Outsourcing data
storage achieves economies of scale for the management of storage and
avoids the large initial investment to set up data centers. Recently, many
such online archival systems have emerged from within the research and
industrial communities.

In storage oursourcing, a client sends data to a server, which is required
by contract to provide persistent archival of the data. Since the server
is not trusted and may misbehave, the client typically retains a small
piece of metadata which is used to verify the authenticity of the data
upon its retrieval. The problem is that by the time data is retrieved, it
might be already too late to recover lost or damaged data. Current systems
lack a basic guarantee: Proving data possession upon a user's request
(usually before data retrieval).

In this presentation we introduce a model for provable data posession
(PDP) which allows a client that has stored data at an untrusted server to
verify that the server possesses the original data without retrieving it.
We present provably-secure PDP schemes that have low (or even constant)
overhead at the server and and minimize network communication by
transmitting a small, constant, amount of data for every

This presentation is based on joint work with Giuseppe Ateniese, Randal
Burns, Joseph Herring, Lea Kissner, Zachary Peterson and Dawn Song. A
complete description is available on the Cryptology ePrint archive at

About the Speaker

Reza Curtmola is a post doctoral researcher in the Department of Computer
Science at Purdue University. He received a PhD degree in Computer Science
in 2007 and a MS degree in Security Informatics in 2003, both from The
Johns Hopkins University. His research focuses on applied cryptography and
security aspects of wireless networks. He has previously worked as a
research intern at Bell Labs Research. More information can be found at

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...


The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.