Abstract
Cloud storage is an increasingly popular data storage manner which allows cloud data owners to outsource their data to the cloud for storage and maintaining. However, users will lose their physical control over their data after their data are outsourced to the cloud. To ensure the integrity of data stored in the cloud, many public auditing schemes have been proposed. Recently, Zhang et al. proposed an ID-based public auditing scheme for the outsourced data in the standard model. In this note, we prove this scheme is not secure. We show that the malicious cloud can pass the auditor’s verification even if it has deleted or modified the users’ data in this scheme.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R.H., Konwinski, A., Lee, G., Patterson, D.A., Rabkin, A., Stoica, I., Zaharia, M.: Above the clouds: a Berkeley view of cloud computing. EECS Department University of California Berkeley, vol. 53, no. 4, pp. 50–58 (2015)
Ren, K., Wang, C., Wang, Q.: Security challenges for the public cloud. IEEE Internet Comput. 16(1), 69–73 (2012)
Song, D., Shi, E., Fischer, I., Shankar, U.: Cloud data protection for the masses. IEEE Comput. 45(1), 39–45 (2012)
Arrington, M.: Gmail Disaster: Reports of Mass Email Deletions (2006). http://techcrunch.com/2006/12/28/gmail-disaster-reports-of-mass-email-deletions/
Amazon S3 Team: Amazon S3 Availability Event: July 20, 2008 (2008). http://status.aws.amazon.com/s3-20080720.html
Wang, Q., Wang, C., Ren, K.: Enabling public auditability and cloud data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)
Yu, Y., Zhang, Y., Ni, J., Au, M., Chen, L., Liu, H.: Remote data possession checking with enhanced security for cloud storage. Future Gener. Comput. Syst. 52, 77–85 (2015)
Yuan, J., Yu, S.: Public integrity auditing for dynamic data sharing with multiuser modification. IEEE Trans. Inf. Forensics Secur. 10(8), 1717–1726 (2015)
Yu, J., Ren, K., Wang, C., Varadharajan, V.: Enabling cloud storage auditing with key-exposure resistance. IEEE Trans. Inf. Forensics Secur. 10(6), 1167–1179 (2015)
Zhang, Y., Blanton, M.: Efficient dynamic provable possession of remote data via balanced update trees. In: Department of 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 183–194. ACM (2013)
Guan, C., Ren, K., Zhang, F., Kerschbaum, F., Yu, J.: Symmetric-key based proofs of retrievability supporting public verification. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS. LNCS, vol. 9326, pp. 203–223. Springer, Heidelberg (2015). doi:10.1007/978-3-319-24174-6_11
Wang, H.: Proxy provable data possession in public clouds. IEEE Trans. Serv. Comput. 6(4), 551–558 (2013)
Yang, K., Jia, X.: Data storage auditing service in cloud computing: challenges, methods and opportunities. World Wide Web-Internet Web Inf. Syst. 15(4), 409–428 (2012)
Wang, B., Li, H., Li, M.: Privacy-preserving public auditing for shared cloud data supporting group dynamics. In: 2013 IEEE International Conference on IEEE Communications (ICC), pp. 1946–1950 (2013)
Yu, Y., Li, Y., Ni, J., Yang, G., Mu, Y., Susilo, W.: Public integrity auditing for dynamic data sharing with multiuser modification. IEEE Trans. Inf. Forensics Secur. 11(3), 658–659 (2016)
Yang, G., Yu, J., Shen, W., Su, Q., Zhang, F., Hao, R.: Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability. J. Syst. Softw. 113, 130–139 (2016)
Zhang, J., Dong, Q.: Efficient ID-based public auditing for the outsourced data in cloud storage. Inf. Sci. 6(6), 1–14 (2016)
Wang, H., Wu, Q., Qin, B., Ferrer, D.: Identity-based remote data possession checking in public clouds. Inf. Secur. 8(2), 114–121 (2014)
Tan, S., Jia, Y.: NaEPASC: a novel and efficient public auditing scheme for cloud data. J. Zhejiang Univ. Sci. C 15(9), 794–804 (2014)
Zhang, J., Li, P., Mao, J.: IPad: ID-based public auditing for the outsourced data in the standard mode. Cluster Comput. 19(1), 1–12 (2015)
Shacham, H., Waters, B.: Compact proofs of retrievability. J. Cryptol. 26(3), 442–483 (2014)
Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proceedings of ACM CCS 2007, pp. 598–610 (2007)
Acknowledgement
This research is supported by National Natural Science Foundation of China (61572267, 61272425, 61402245).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Shen, W., Yu, J., Xia, H., Hao, R. (2016). A Note on “IPad: ID-Based Public Auditing for the Outsourced Data in the Standard Model”. In: Sun, X., Liu, A., Chao, HC., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2016. Lecture Notes in Computer Science(), vol 10039. Springer, Cham. https://doi.org/10.1007/978-3-319-48671-0_30
Download citation
DOI: https://doi.org/10.1007/978-3-319-48671-0_30
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-48670-3
Online ISBN: 978-3-319-48671-0
eBook Packages: Computer ScienceComputer Science (R0)