Attack on Privacy-Preserving Public Auditing Schemes for Cloud StorageReport as inadecuate

Attack on Privacy-Preserving Public Auditing Schemes for Cloud Storage - Download this document for free, or read online. Document in PDF available to download.

Mathematical Problems in Engineering - Volume 2017 2017, Article ID 8062182, 6 pages -

Research ArticleSchool of Computer Science and Software, Tianjin Polytechnic University, Tianjin 300387, China

Correspondence should be addressed to Baoyuan Kang

Received 9 December 2016; Accepted 19 April 2017; Published 11 May 2017

Academic Editor: Emilio Insfran

Copyright © 2017 Baoyuan Kang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.


With the development of Internet, cloud computing has emerged to provide service to data users. But, it is necessary for an auditor on behalf of users to check the integrity of the data stored in the cloud. The cloud server also must ensure the privacy of the data. In a usual public integrity check scheme, the linear combination of data blocks is needed for verification. But, after times of auditing on the same data blocks, based on collected linear combinations, the auditor might derive these blocks. Recently, a number of public auditing schemes with privacy-preserving are proposed. With blinded linear combinations of data blocks, the authors of these schemes believed that the auditor cannot derive any information about the data blocks and claimed that their schemes are provably secure in the random oracle model. In this paper, with detailed security analysis of these schemes, we show that these schemes are vulnerable to an attack from the malicious cloud server who modifies the data blocks and succeeds in forging proof information for data integrity check.

Author: Baoyuan Kang, Jiaqiang Wang, and Dongyang Shao



Related documents