Analysis of the comments on “Identity-Based Distributed Provable Data Possession in Multicloud Storage”

Abstract

In 2016, Peng et al. pointed out in the literature (IEEE Transactions on Services Computing, Vol. 9, No. 6, pp. 996-998, Nov./Dec. 2016) that Wang's identity-based provable data possessing scheme ID-DPDP(IEEE Transactions on Services Computing, vol. 8, no. 2, pp. 328-340, Mar./Apr. 2015) has security vulnerability, and Peng et al. offered the remedy solutions. Unfortunately, we demonstrate that Peng et al.'s method also has a security loophole that malicious cloud servers can produce valid proof information without original data. Accordingly, we provide a revised solution to the problem while preserving the security features of the ID-DPDP.