Comments on "public integrity auditing for dynamic data sharing with multi-user modification"

Authors

Yong Yu, University of Electronic Science and Technology of ChinaFollow
Yannan Li, University of Electronic Science and Technology of China
Jianbing Ni, University of Electronic Science and Technology of China
Guomin Yang, University of WollongongFollow
Yi Mu, University of WollongongFollow
Willy Susilo, University of WollongongFollow

RIS ID

102226

Publication Details

Yu, Y., Li, Y., Ni, J., Yang, G., Mu, Y. & Susilo, W. (2016). Comments on "public integrity auditing for dynamic data sharing with multiuser modification". IEEE Transactions on Information Forensics and Security, 11 (3), 658-659.

Abstract

Recently, a practical public integrity auditing scheme supporting multiuser data modification (IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, DOI 10.1109/TIFS.2015.2423264) was proposed. Although the protocol was claimed secure, in this paper, we show that the proposal fails to achieve soundness, the most essential property that an auditing scheme should provide. Specifically, we show that a cloud server can collude with a revoked user to deceive a third-party auditor (TPA) that a stored file keeps virgin even when the entire file has been deleted.