On the Security of a Data Integrity Auditing Scheme in Mobile Multi-cloud Environment
Pages 40 - 44
Abstract
Public auditing protocol is very important and efficient security service for ensuring the outsourced data since it can be used to audit the integrity of the stored data in cloud with a lower cost. Recently, Cao et al. presented a data integrity verification protocol in mobile Multi-cloud computing environment using the bilinear pairing. Unfortunately, in this paper, we show that their protocol is insecure against malicious cloud server's forgery attack and replacing attack. After deleting all the outsourced data, the malicious cloud server can pass the verification of data integrity without being found by the auditor. Then the corresponding detail attack is given and we also analyze the reason to produce such attack.
References
[1]
https://www.statista.com/topics/1695/cloud-computing/
[2]
"Ericsson Mobility Report", 2015.
[3]
Giuseppe Ateniese, Roberto Di Pietro, Luigi V. Mancini, Gene Tsudik,2007, Scalable and efficient provable data possession, Proceedings of the 4th international conference on Security and privacy in communication netowrks, 22--35.
[4]
A. Juels and B.S. Kaliski Jr., 2007,PORs: Proofs of Retrievability for Large Files, Proc. 14th ACM Conf. Computer and Communications Security, 584--597.
[5]
Z.-D. Shen, C. Lin, and Q. Tong, 2015,A method for lightweight verification on data integrity in mobile cloud computing environment,Journal of Northeastern University,36, 11, 1563--1566.
[6]
H. Shacham and B. Waters, 2008, "Compact Proofs of Retrievability", Proc. 14th Intl Conf. Theory and Application of Cryptology and Information Security: Advances in Cryptology (ASIACRYPT'08), 90--107.
[7]
Laicheng Cao, Wenwen He, Xian Guo, and Tao Feng. 2016. A Scheme for Verification on Data Integrity in Mobile Multicloud Computing Environment. Mathematical Problems in Engineering. Volume 2016, Article ID 9267608.
[8]
M. Vukolic,2010,The Byzantine empire in the intercloud, ACM SIGACT News, 41,2010. 105--111.
[9]
Brown, L. D., Hua, H., and Gao, C. 2003. A widget framework for augmented interaction in SCAPE. In Proceedings of the 16th Annual ACM Symposium on User Interface Software and Technology (Vancouver, Canada, November 02 - 05, 2003). UIST '03. ACM, New York, NY, 1--10.
[10]
Zhang, J. H., Meng H.X and Yu, Y. 2017. Achieving public verifiability and data dynamics for cloud data in the standard model. Clustering Computing. 20, 3 (Dec. 2017), 2641--2653.
Index Terms
- On the Security of a Data Integrity Auditing Scheme in Mobile Multi-cloud Environment
Recommendations
Forgery attacks of an identity-based multi-proxy signature scheme
Multi-proxy signature is used to delegate a permission of an owner to at least two proxies in the digital world. Recently, Sahu and Padhye gave a new construction of identity-based multi-proxy signature. Their scheme's security was supported by a ...
Security pitfalls of an efficient threshold proxy signature scheme for mobile agents
A ( t , n ) threshold proxy signature scheme enables an original signer to delegate his/her signing power to n proxy signers such that any t or more proxy signers can sign messages on behalf of the original signer, but t - 1 or less of them cannot ...
Security analysis of an identity-based strongly unforgeable signature scheme
Identity-based signature (IBS) is a specific type of public-key signature (PKS) where any identity string ID can be used for the public key of a user. Although an IBS scheme can be constructed from any PKS scheme by using the certificate paradigm, it is ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
March 2018
187 pages
ISBN:9781450363617
DOI:10.1145/3199478
Copyright © 2018 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
In-Cooperation
- Wuhan Univ.: Wuhan University, China
- University of Electronic Science and Technology of China: University of Electronic Science and Technology of China
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 16 March 2018
Check for updates
Author Tags
Qualifiers
- Research-article
- Research
- Refereed limited
Conference
ICCSP 2018
ICCSP 2018: 2018 the 2nd International Conference on Cryptography, Security and Privacy
March 16 - 19, 2018
Guiyang, China
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 103Total Downloads
- Downloads (Last 12 months)4
- Downloads (Last 6 weeks)0
Reflects downloads up to 24 Sep 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in