Proof of Inaction for outsourced data with exhaustive audit

In the existing environment of cloud storage and distributed hosting solutions, it is imperative to ensure the long-term preservation of inactive data like keyring backups and essential system logs, as these cannot afford the smallest error or data loss during storage. The current methods of subset sampling for data integrity verification fall short of these critical demands. To solve this problem, we introduce Proof of Inaction (PoI), an innovative framework for verifying the integrity of inactive data through verifiable computation principles. First, during the data owner's exhaustive audit, the storage provider must maintain complete possession of all data to validate storage integrity, which means failing any integrity challenge if even a single bit is missing. Second, PoI enables the verification of storage integrity for both single and multiple copies of data, supporting an unlimited number of challenges in each scenario. Utilizing the co-CDH assumption, we validate the correctness and soundness of our approach with the random oracle model. Both theoretical analysis and empirical evidence suggest that PoI's challenge and verification process do not escalate in overhead as the size of the challenged files increases, offering an enhancement over traditional data integrity verification methods. © 2024 Elsevier Ltd