[KSCI] Korea Science Citation Index Service

http://dx.doi.org/10.3837/tiis.2014.11.032

An Efficient Provable Secure Public Auditing Scheme for Cloud Storage

Xu, Chunxiang (school of Computer Science and Engineering, University of Electronic Science and Technology of China)
Zhang, Yuan (School of Computer Science and Engineering, University of Electronic Science and Technology of China)
Yu, Yong (School of Computer Science and Engineering, University of Electronic Science and Technology of China)
Zhang, Xiaojun (School of Computer Science and Engineering, University of Electronic Science and Technology of China)
Wen, Junwei (School of Computer Science and Engineering, University of Electronic Science and Technology of China)

Publication Information

KSII Transactions on Internet and Information Systems (TIIS) / v.8, no.11, 2014 , pp. 4226-4241 More about this Journal

Abstract

Cloud storage provides an easy, cost-effective and reliable way of data management for users without the burden of local data storage and maintenance. Whereas, this new paradigm poses many challenges on integrity and privacy of users' data, since users losing grip on their data after outsourcing the data to the cloud server. In order to address these problems, recently, Worku et al. have proposed an efficient privacy-preserving public auditing scheme for cloud storage. However, in this paper, we point out the security flaw existing in the scheme. An adversary, who is on-line and active, is capable of modifying the outsourced data arbitrarily and avoiding the detection by exploiting the security flaw. To fix this security flaw, we further propose a secure and efficient privacy-preserving public auditing scheme, which makes up the security flaw of Worku et al.'s scheme while retaining all the features. Finally, we give a formal security proof and the performance analysis, they show the proposed scheme has much more advantages over the Worku et al.'s scheme.

Keywords

cloud storage; auditing scheme; cryptanalysis; improvement;

Citations & Related Records

Reference

1	Wang, C, Wang, Q, Ren, K and Lou, W, "Privacy-preserving public auditing for data storage security in cloud computing," in Proc. of IEEE Conf. on Computer Communication, pp, 1-9, March 14-19, 2010.
2	Yang K and Jia X, "An efficient and secure dynamic auditing protocol for data storage in cloud computing," IEEE Transactions on Parallel and Distributed Systems, vol. 24, no. 9, pp. 1717-1726, September, 2013. DOI ScienceOn
3	Worku S G, Xu C, Zhao J and He X, "Secure and efficient privacy-preserving public auditing scheme for cloud storage," Computers & Electrical Engineering, vol. 40, no. 5, pp. 1703-1713, July, 2014. DOI ScienceOn
4	Wang, C, Chow, S. S, Wang, Q, Ren, K, and Lou, W, "Privacy-preserving public auditing for secure cloud storage," IEEE Transactions on Computers, vol. 62, no. 2, pp. 362-375, February, 2013. DOI ScienceOn
5	Li, H, Lin, X, Yang, H, Liang, X, Lu, R, and Shen, X, "EPPDR: An Efficient Privacy-Preserving Demand Response Scheme with Adaptive Key Evolution in Smart Grid," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 8, pp. 2053-2064, August, 2014. DOI ScienceOn
6	Zhao J, Xu C, Li F and Zhang W, "Identity-Based public verification with privacy-preserving for data storage security in cloud computing," IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, vol. 96, no. 12, pp. 2709-2716, December, 2013.
7	Xu C, He X and Abraha-Weldemariam D, "Cryptanalysis of Wang's auditing protocol for data storage security in cloud computing," in Proc. of International Conf. on Information Computer Application, pp. 422-428, September 14-16, 2012.
8	Ni, J, Yu, Y, Mu, Y and Xia, Q, "On the Security of an Efficient Dynamic Auditing Protocol in Cloud Storage," IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 10, pp. 2760-2761, October, 2013.
9	Shacham H and Waters B, "Compact proofs of retrievability," in Pro. of International Conf. on the Theory and Application of Cryptology and Information Security, pp. 90-107, December 7-11, 2008.
10	Giuseppe A, Randal B, Reza C, Joseph H, Lea K, Zachary P and Dawn S, "Provable data possession at untrusted stores," in Proc. of ACM conf. on computer and communications security, pp. 598-609, October 29-November 2, 2007.
11	Boldyreva A, Gentry C, O'Neill A and Yum, D. H, "Ordered multisignatures and identity-based sequential aggregate signatures, with applications to secure routing," in Proc. of ACM conf. on Computer and communications security, pp. 276-285, October 29-November 2, 2007.