Comments on a privacy preserving public auditing mechanism for shared cloud data

Auditing mechanisms are received much attentions from researchers due to the developing of cloud storage. Recently, Wang et al. proposed a privacy preserving public auditing mechanism for shared cloud data with supporting group dynamic. However, we find some security flaws in their mechanism. In this paper, a forgery attack and a data corruption attack are proposed to demonstrate the insecurity. Then, we propose a modified scheme based on their mechanism. The security analysis is demonstrated that our improvement can resist the mentioned two attacks.

[1]  Qi Xia,et al.  SDIVIP2: shared data integrity verification with identity privacy preserving in mobile clouds , 2016, Concurr. Comput. Pract. Exp..

[2]  Reza Curtmola,et al.  Provable data possession at untrusted stores , 2007, CCS '07.

[3]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[4]  Jie Cui,et al.  An Improved Identity-Based Multi-Proxy Multi-Signature Scheme , 2016, J. Inf. Hiding Multim. Signal Process..

[5]  Song Guo,et al.  Chameleon Hashing for Secure and Privacy-Preserving Vehicular Communications , 2014, IEEE Transactions on Parallel and Distributed Systems.

[6]  Efficient chameleon hashing-based privacy-preserving auditing in cloud storage , 2015, Cluster Computing.

[7]  P. Mell,et al.  The NIST Definition of Cloud Computing , 2011 .

[8]  Yuh-Min Tseng,et al.  A Revocable ID-based Signcryption Scheme , 2012, J. Inf. Hiding Multim. Signal Process..

[9]  M. Phil,et al.  PRIVACY-PRESERVING PUBLIC AUDITING FOR DATA STORAGE SECURITY IN CLOUD COMPUTING , 2015 .

[10]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[11]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[12]  Shoulin Yin,et al.  A New Provable Secure Certificateless Aggregate Signcryption Scheme , 2016, J. Inf. Hiding Multim. Signal Process..

[13]  Xiaohua Jia,et al.  An Efficient and Secure Dynamic Auditing Protocol for Data Storage in Cloud Computing , 2013, IEEE Transactions on Parallel and Distributed Systems.

[14]  Yuh-Min Tseng,et al.  An ID-Based Mutual Authentication and Key Exchange Protocol for Low-Power Mobile Devices , 2010, Comput. J..

[15]  Chunxiang Xu,et al.  Secure and efficient privacy-preserving public auditing scheme for cloud storage , 2014, Comput. Electr. Eng..

[16]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[17]  Mihir Bellare,et al.  Random oracles are practical: a paradigm for designing efficient protocols , 1993, CCS '93.

[18]  Silvio Micali,et al.  A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks , 1988, SIAM J. Comput..

[19]  Ari Juels,et al.  Pors: proofs of retrievability for large files , 2007, CCS '07.

[20]  Cong Wang,et al.  Secure Optimization Computation Outsourcing in Cloud Computing: A Case Study of Linear Programming , 2016, IEEE Transactions on Computers.

[21]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[22]  Ming Li,et al.  Privacy-preserving public auditing for shared cloud data supporting group dynamics , 2013, 2013 IEEE International Conference on Communications (ICC).

[23]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[24]  Yi Mu,et al.  On the Security of an Efficient Dynamic Auditing Protocol in Cloud Storage , 2014, IEEE Transactions on Parallel and Distributed Systems.

[25]  Salve Bhagyashri Salve Bhagyashri,et al.  Privacy-Preserving Public Auditing For Secure Cloud Storage , 2014 .

[26]  Liqun Chen,et al.  Identity-based key agreement protocols from pairings , 2017, International Journal of Information Security.

[27]  Hovav Shacham,et al.  Compact Proofs of Retrievability , 2008, Journal of Cryptology.