Cloud service providers offer users efficient and scalable data storage services with a much lower marginal cost than traditional approaches. It is routine for users to leverage cloud storage services to share data with others in a group, as data sharing becomes a standard feature in most cloud storage offerings, including Dropbox, iCloud and Google Drive. The integrity of data in cloud storage, however, is subject to skepticism and scrutiny, as data stored in the cloud can easily be lost or corrupted due to the inevitable hardware/ software failures and human errors. To make this matter even worse, cloud service providers may be reluctant to inform users about these data errors in order to maintain the reputation of their services and avoid losing profits. Therefore, the integrity of cloud data should be verified before any data utilization, such as search or computation over cloud data

G. Ateniese, R. Burns, R. Curtmola, J. Herring, L. Kissner, Z. Peterson, and D. Song, “Provable Data Possession at Untrusted Stores,” in Proc. ACM Conference on Computer and Communications Security (CCS), 2007, pp. 598–610.

C. Wang, Q. Wang, K. Ren, and W. Lou, “Privacy-Preserving Public Auditing for Data Storage Security in Cloud Computing,” in Proc. IEEE International Conference on Computer Communications (INFOCOM), 2010, pp. 525–533.

R. L. Rivest, A. Shamir, and Y. Tauman, “How to Leak a Secret,” in Proc. International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT).

D. Boneh, C. Gentry, B. Lynn, and H. Shacham, “Aggregate and Verifiably Encrypted Signatures from Bilinear Maps,” in Proc. In- ternational Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT).

H. Shacham and B. Waters, “Compact Proofs of Retrievability,” in Proc. International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT).

D. Boneh and D. M. Freeman, “Homomorphic Signatures for Polynomial Functions,” in Proc. International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT).

A. L. Ferrara, M. Green, S. Hohenberger, and M. Ø. Pedersen, “Practical Short Signature Batch Verification,” in Proc. RSA Conference, the Cryptographers’ Track (CT-RSA).