Abstract
Abstract Certificateless provable data possession (CL-PDP) protocol is an important tool to check the integrity of data outsourced to cloud service provider (CSP) since it is not necessary to consider the certificate management and key escrow problems. In 2017, He et al. proposed an efficient CL-PDP protocol (HKWWC-protocol, for short) with an additional good property: Privacy protection from the verifier [Appl. Math. Comput., vol. 314, pp. 31-43]. However, recently, Liao et al. illustrates that the HKWWC-protocol is completely insecure under their suggested attack (LLON-attack) since CSP can return a forged proof that is able to pass the verification of the verifier, which shows that the HKWWC-protocol will become completely useless. In this paper, we revisit the original HKWWC-protocol and try to rescue it. After our modification, the twisted new protocol can be immune to the LLON-attack. More importantly, we find that the original He et al.’s security model cannot depict the practical scene at all because they viewed CSP and KGC (key generation center) as one entity in their system. Hence, we redefine a new security model and prove the twisted HKWWC-protocol is secure under our new security model. Performance analysis shows that our proposed protocol is still efficient and practical.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.