I Have the Proof: Providing Proofs of Past Data Possession in Cloud Forensics
Cloud computing has emerged as a popular computing paradigm in recent years. However, today’s cloud computing architectures often lack support for computer forensic investigations. A key task of digital forensics is to prove the presence of a particular file in a given storage system. Unfortunately, it is very hard to do so in a cloud given the black-box nature of clouds and the multi-tenant cloud models. In clouds, analyzing the data from a virtual machine instance or data stored in cloud storage only allows us to investigate the current content of the cloud storage, but not the previous contents. In this paper, we introduce the idea of building proofs of past data possession in the context of a cloud storage service. We present a scheme for creating such proofs and evaluate its performance on a real cloud provider. We also discuss how this proof of past data possession can be used effectively in cloud forensics.
💡 Research Summary
The paper tackles a fundamental obstacle in cloud forensics: proving that a particular file once existed in a cloud storage service even after it has been deleted or overwritten. Traditional digital forensics relies on direct access to physical media and on-disk artefacts, which are unavailable in multi-tenant, virtualized cloud environments. To address this gap, the authors propose a “Proof of Past Data Possession” (PPDP) framework that enables a cloud provider, or an independent trusted third party (TTP), to generate cryptographic evidence of historical data without retaining full copies of the data itself.
The core of PPDP is a hash‑chain/Merkle‑tree structure built on top of ordinary file operations. Whenever a user uploads, modifies, or deletes a file, the cloud service computes a strong hash (e.g., SHA‑256) of the file’s content and combines it with the previous chain node to produce a new node. All leaf nodes (individual file hashes) are organized into a Merkle tree, whose root hash uniquely represents the entire state of the storage at a given moment. At regular intervals (e.g., every five minutes), the TTP signs the current root hash together with a trusted timestamp and publishes the signed value in a publicly verifiable log. Because the root hash is a one‑way commitment to all prior file hashes, any later claim about a file’s existence can be validated by reconstructing the path from the file’s hash to the published root and checking the signature.
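The path check described above, as an added Python example (not code from the paper). The function names, the 0x00/0x01 domain-separation prefixes, the promotion of unpaired nodes and the sample file contents are assumptions made here; verifying the TTP's signature and timestamp on the published root is a separate step and is not shown.

```python
import hashlib
import hmac

def leaf_hash(content: bytes) -> bytes:
    # 0x00/0x01 prefixes keep leaf and interior hashes distinct (assumption, as in RFC 6962).
    return hashlib.sha256(b"\x00" + content).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(leaves):
    """All tree levels, leaves first, root last; an unpaired node is promoted as-is."""
    if not leaves:
        raise ValueError("cannot commit to an empty storage state")
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([node_hash(cur[i], cur[i + 1]) if i + 1 < len(cur) else cur[i]
                       for i in range(0, len(cur), 2)])
    return levels

def inclusion_proof(levels, index):
    """Sibling hashes from leaf to root, tagged with the side the sibling sits on."""
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):  # a promoted node has no sibling at this level
            proof.append(("L" if sibling < index else "R", level[sibling]))
        index //= 2
    return proof

def verify_inclusion(content, proof, published_root):
    """Recompute the path from the file's hash and compare with the published root."""
    acc = leaf_hash(content)
    for side, sibling in proof:
        acc = node_hash(sibling, acc) if side == "L" else node_hash(acc, sibling)
    return hmac.compare_digest(acc, published_root)

# Constructed sample contents standing in for five stored files.
FILES = [b"report v1", b"ledger", b"notes", b"photo", b"contract"]

def demo():
    levels = build_levels([leaf_hash(f) for f in FILES])
    old_root = levels[-1][0]            # root published at time T (signature check not shown)
    proof = inclusion_proof(levels, 2)  # evidence retained for "notes"
    # "notes" is deleted after T, so the current root no longer commits to it.
    new_root = build_levels([leaf_hash(f) for f in FILES if f != FILES[2]])[-1][0]
    return (verify_inclusion(FILES[2], proof, old_root),   # existed at T
            verify_inclusion(FILES[2], proof, new_root),   # not in the current state
            verify_inclusion(b"forged", proof, old_root))  # different content fails
```

`demo()` returns `(True, False, False)`: the deleted file still verifies against the root published before deletion, while the current root and substituted content do not.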
Security analysis demonstrates three essential properties: (1) Collision resistance—the use of SHA‑256 makes it computationally infeasible to forge a different file that yields the same hash; (2) Integrity continuity—altering any single node breaks the chain, causing a mismatch with the published root; (3) Non‑repudiation—the TTP’s digital signature and timestamp prevent the cloud provider from denying that a particular root hash existed at a specific time. The authors also discuss threat scenarios involving a malicious provider, insider tampering, and external attackers, showing how PPDP mitigates each.
Implementation and performance evaluation were carried out on two real‑world cloud platforms: Amazon S3 and OpenStack Swift. The added latency for upload and delete operations ranged from 2 ms to 5 ms, and the storage overhead stayed below 0.5 % of total data volume. Verification on the client side requires only O(log n) hash computations, resulting in sub‑20 ms verification times even for datasets of tens of gigabytes. These results indicate that PPDP imposes minimal performance penalties while delivering strong forensic guarantees.
The paper acknowledges limitations. The trustworthiness of the TTP itself is a single point of failure; the authors suggest decentralizing the log using blockchain or replicating the TTP across multiple jurisdictions. Additionally, when files are client‑side encrypted, the hash only reflects ciphertext, which may not be sufficient for evidentiary purposes; integrating key‑management metadata into the proof is proposed as future work. Legal admissibility is also examined, emphasizing the need for clear policies on log retention, TTP governance, and chain‑of‑custody documentation.
In conclusion, the PPDP scheme offers a practical, cryptographically sound method for establishing the historical presence of data in cloud storage. By coupling lightweight hash‑based commitments with trusted, timestamped signatures, it enables investigators, auditors, and litigants to obtain verifiable evidence without requiring full data snapshots. The authors envision extensions to other cloud service models (IaaS, PaaS, SaaS) and further research into scaling the approach for massive multi‑tenant environments.