Abstract
With the advent of data outsourcing, how to efficiently verify the integrity of data stored at an untrusted cloud service provider (CSP) has become a significant problem in cloud storage. In 2019, Guo et al. proposed an outsourced dynamic provable data possession scheme with batch update for secure cloud storage. Although their scheme is very novel, we find that their proposal is not secure in this paper. The malicious cloud server has ability to forge the authentication labels, and thus it can forge or delete the user’s data but still provide a correct data possession proof. Based on the original protocol, we proposed an improved one for the auditing scheme, and our new protocol is effective yet resistant to attacks.
Highlights
Since 2007, as one of the most interesting topics in the computer field, cloud computing has experienced rapid development and has become a key research direction for large-scale enterprises and institutions
If the above equation holds, the client assures that the auditor audited cloud service provider (CSP) for all the past challenged data blocks appointed by B honestly. e correctness of equation can be elaborated as follows: l σ(B)
The attack is the following: (1) Store Protocol: after receiving the client’s data M and its corresponding tag collection , the CSP first verifies the correctness of their signatures according to the original scheme. e malicious cloud server can get the value of λx, gα1x, gα2x, . . . , gαsx through doing the same as the attack I. en, CSP deletes the client’s data and its corresponding tags
Summary
Since 2007, as one of the most interesting topics in the computer field, cloud computing has experienced rapid development and has become a key research direction for large-scale enterprises and institutions. E scheme draws on the idea of homomorphic authentication tags and effectively aggregates the evidence into a smaller value, allowing the verifier to perform any number of audits, while reducing the communication overhead in the verification process. In 2013, Zhao et al [17] proposed the first identity-based cloud audit scheme, which uses random mask technology to achieve privacy protection. An outsourced dynamic provable data possession scheme with batch update for secure cloud storage (ODPDP) was proposed by Wei et al [20].
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
