University of Wollongong
Browse

Insecurity of an efficient privacy-preserving public auditing scheme for cloud data storage

Download (156.41 kB)
journal contribution
posted on 2024-11-14, 01:50 authored by Hongyu Liu, Leiting Chen, Zahra Davar, Mohammad Ramezanianpour
Cloud storage has a long string of merits but at the same time, poses many challenges on data integrity and privacy. A cloud data auditing protocol, which enables a cloud server to prove the integrity of stored files to a verifier, is a powerful tool for secure cloud storage. Wang et al. proposed a privacy-preserving public auditing protocol, however, Worku et al. found the protocol is seriously insecure and proposed an improvement to remedy the weakness. In this paper, unfortunately, we demonstrate that the new protocol due to Worku et al. fails to achieve soundness and obtains merely limited privacy. Specifically, we show even deleting all the files of a data owner, a malicious cloud server is able to generate a response to a challenge without being caught by TPA in their enhanced but unrealistic security model. Worse still, the protocol is insecure even in a correct security model. For privacy, a dishonest verifier can tell which file is stored on the cloud. Solutions to efficient public auditing mechanisms with perfect privacy protection are still worth exploring.

History

Citation

Liu, H., Chen, L., Davar, Z. & pour, M. Ramezanian. (2015). Insecurity of an efficient privacy-preserving public auditing scheme for cloud data storage. Journal of Universal Computer Science, 21 (3), 473-482.

Journal title

Journal of Universal Computer Science

Volume

21

Issue

3

Pagination

473-482

Language

English

RIS ID

100100

Usage metrics

    Categories

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC