Abstract
Cloud auditing is an important method to check the integrity of the outsourced cloud storage. Until now, there are many cryptographic ways to implement the cloud audit protocol, such as PKI based cloud audit protocol, identity based cloud audit protocol and certificateless based cloud audit protocol. In this short paper, we focus on a certificateless based cloud audit protocol proposed by Huang et al. in 2017. Although this is a valuable protocol, we show this protocol has some flaw. Concretely the certificateless signature can be forged, and thus the audit protocol is not secure.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ateniese, G., et al.: Provable data possession at untrusted stores. In: CCS 2007, pp. 598–609 (2007)
Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-89255-7_7
Cash, D., Küpçü, A., Wichs, D.: Dynamic proofs of retrievability via oblivious RAM. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 279–295. Springer, Heidelberg (2013)
Huang, L., Zhou, J., Zhang, G., Sun, J., Wang, T., Vajdi, A.: Certificateless public verification for the outsourced data integrity in cloud storage. J. Circ. Syst. Comput. 27(11), 1850181 (2018)
Acknowledgements
This work is supported by Natural Science Basic Research Plan in Shaanxi Province of China [No. 2018JM6028], the Foundation of Guizhou Provincial Key Laboratory of Public Big Data [No. 2019BDKFJJ008], Engineering University of PAPs Funding for Scientific Research Innovation Team [No. KYTD201805] and Engineering University of PAPs Funding for Key Researcher [No. KYGG202011].
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Wang, X.A., Pan, X., Wei, L., Zhao, Y. (2022). On the Insecurity of a Certificateless Public Verification Protocol for the Outsourced Data Integrity in Cloud Storage. In: Barolli, L., Kulla, E., Ikeda, M. (eds) Advances in Internet, Data & Web Technologies. EIDWT 2022. Lecture Notes on Data Engineering and Communications Technologies, vol 118. Springer, Cham. https://doi.org/10.1007/978-3-030-95903-6_8
Download citation
DOI: https://doi.org/10.1007/978-3-030-95903-6_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-95902-9
Online ISBN: 978-3-030-95903-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)