Is extracting data the same as possessing data?

Douglas R. Stinson, Jalaj Upadhyay

Research output: Contribution to journalArticlepeer-review


Proof-of-retrievability schemes have been a topic of considerable recent interest. In these schemes, a client {C} gives a file M to a server {S} with the understanding that {S} will securely store M. A suitable challenge-response protocol is invoked by {C} in order for {C} to gain confidence that M is indeed being correctly stored by {S}. The definition of proof-of-retrievability schemes is based on the notion of an extractor {E} that can recover the file once the challenge-response protocol is executed a sufficient number of times. In this paper, we propose a new type of scheme that we term a proof-of-data- observability scheme. Our definition tries to capture the stronger requirement that {S} must have an actual copy of M in its memory space while it executes the challenge-response protocol. We give some examples of schemes that satisfy this new security definition. As well, we analyze the efficiency and security of the protocols we present, and we prove some necessary conditions for the existence of these kinds of protocols.

Original languageEnglish (US)
Pages (from-to)189-207
Number of pages19
JournalJournal of Mathematical Cryptology
Issue number2
StatePublished - Jun 1 2014
Externally publishedYes

All Science Journal Classification (ASJC) codes

  • Computer Science Applications
  • Computational Mathematics
  • Applied Mathematics


  • Proof-of-retrievability
  • proof-of-data-observability


Dive into the research topics of 'Is extracting data the same as possessing data?'. Together they form a unique fingerprint.

Cite this