Comment on “Achieving Secure, Universal, and Fine-Grained Query Results Verification for Secure Search Scheme Over Encrypted Cloud Data”

Abstract

Recently in IEEE Transactions on Cloud Computing (TCC), Yin <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">et al.</i> <xref ref-type="bibr" rid="ref5" xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">[5]</xref> designed a fine-grained query verification mechanism where a novel certificateless short signature scheme is proposed for validating the data of encrypted query results. Despite the authors alleged that their scheme achieves the existential unforgeability to ensure the authenticity of verification objects, we found that this scheme fails to resist the forgery attack. Specifically, through launching the concrete attacks, a malicious adversary can forge a signature on any verification object without being detected.