The Attack on Mona: Secure Multi-owner Data Sharing for Dynamic Groups in the Cloud

With its low maintenance and low management cost, cloud computing offers an effective and economical approach to data sharing among group members. However, since the cloud is untrustworthy, the security guarantees for the shared data become a concern. Unfortunately, because membership changes frequently, sharing data while preserving privacy is still a challenging issue. Recently, Liu et al. presented a secure multi-owner data sharing scheme, named Mona, in which it was claimed that any group member could anonymously share data with others by exploiting the group signature technique. Meanwhile, the scheme could address fine-grained access control, which means that not only could group members use the shared data resource at any time, but new users were also able to use the shared data immediately after their revocations, and revoked users would not be allowed to use the shared data again after they are removed from the group. However, our security analysis shows that the Mona scheme still has some security vulnerabilities. It is easily susceptible to the collusion attack, which can lead to revoked users obtaining the shared data and disclosing other legitimate members' secrets. In addition, there is another security weakness in the user registration phase: how to protect the private key when distributing it over insecure communication channels. This kind of attack can also lead to disclosure of the user's secret data.