Skip to main content
Log in

Comment on “Privacy-preserving public auditing for non-manager group shared data”

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Using cloud storage, users can remotely store their data without the burden on complicated local storage management and maintenance. However, users will no longer physically possess the storage of their data after they upload the data to the cloud. It is very natural for users to suspect whether their data stored in the cloud is intact. To help users efficiently check the integrity of the outsourced data, many public auditing schemes have been proposed. Recently, Huang et al. have proposed a privacy-preserving public auditing scheme for non-manager group shared data. In this paper, we find a security flaw in their auditing scheme. Even if the cloud has deleted or polluted the whole outsourced data, it still can pass the verification of the verifier. And then, we overcome this shortcoming by improving their scheme, which prevents the cloud forging a valid proof to pass the integrity auditing. Last, we perform the concrete implementation of our improved scheme and Huang et al. ’s scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. Gantz J, Reinsel D (2012) The digital universe in 2020: Big data, bigger digital shadows, and biggest growth in the far east. IDC iView IDC Anal Future 2007(2012):1–16

    Google Scholar 

  2. Yang HS, Yoo SJ (2015) A study on smartwork security technology based on cloud computing environment. Wirel Pers Commun 94(3):1–10

    Article  Google Scholar 

  3. Wang C, Chow SSM, Wang Q, Ren K, Lou W (2013) Privacy-preserving public auditing for secure cloud storage. IEEE Trans Comput 62(2):362–375

    Article  MathSciNet  Google Scholar 

  4. Wang H, He D, Tang S (2016) Identity-based proxy-oriented data uploading and remote data integrity checking in public cloud. IEEE Trans Inf Forensics Secur 11(6):1165–1176

    Article  Google Scholar 

  5. Yu J, Ren K, Wang C (2016) Enabling cloud storage auditing with verifiable outsourcing of key updates. IEEE Trans Inf Forensics Secur 11(6):1362–1375

    Article  Google Scholar 

  6. Zhao P, Yu J, Zhang H, Qin Z, Wang C (2019) How to securely outsource finding the min-cut of undirected edge-weighted graphs. IEEE Trans Inf Forensics Secur 15:315–328

    Article  Google Scholar 

  7. Ge X, Yu J, Zhang H, Hu C, Li Z, Qin Z, Hao R (2019) Towards achieving keyword search over dynamic encrypted cloud data with symmetric-key based verification. IEEE Trans Dependable Sec Comput. https://doi.org/10.1109/TDSC.2019.2896258

  8. Zhang Y, Yu J, Hao R, Wang C, Ren K (2018) Enabling efficient user revocation in identity-based cloud storage auditing for shared big data. IEEE Trans Dependable Sec Comput PP (99) 1–1

  9. Ren K, Wang C, Wang Q (2012) Security challenges for the public cloud. IEEE Internet Comput 16(1):69–73

    Article  MathSciNet  Google Scholar 

  10. Song D, Shi E, Fischer I, Shankar U (2012) Cloud data protection for the masses. Computer 45(1):39–45

    Article  Google Scholar 

  11. Wang Q, Wang C, Ren K, Lou W, Li J (2011) Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans Parall Distrib Syst 22(5):847–859

    Article  Google Scholar 

  12. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: ACM Conference on Computer and Communications Security, pp 598–609

  13. Shacham H, Waters B (2008) Compact proofs of retrievability. In: International Conference on the Theory and Application of Cryptology and Information Security, pp 90–107

  14. Zhang Y, Blanton M (2013) Efficient dynamic provable possession of remote data via balanced update trees. In: ACM Sigsac Symposium on Information, Computer and Communications Security, pp 183–194

  15. Wang H (2013) Proxy provable data possession in public clouds. IEEE Trans Serv Comput 6(4):551–559

    Article  Google Scholar 

  16. Wang B, Li B, Li H (2013) Panda: public auditing for shared data with efficient user revocation in the cloud. IEEE Trans Serv Comput 8(1):92–106

    Article  Google Scholar 

  17. Jiang T, Chen X, Ma J (2015) Public integrity auditing for shared dynamic cloud data with group user revocation. IEEE Trans Comput 65(8):2363–2373

    Article  MathSciNet  Google Scholar 

  18. Yuan J, Yu S (2015) Public integrity auditing for dynamic data sharing with multiuser modification. IEEE Trans Inf Forensics Secur 10(8):1717–1726

    Article  Google Scholar 

  19. Huang L, Zhang G, Fu A (2018) Privacy-preserving public auditing for non-manager group shared data. Wirel Pers Commun (3):1–18

  20. Tian H, Nan F, Jiang H, Chang C-C, Ning J, Huang Y (2019) Public auditing for shared cloud data with efficient and secure group management. Inf Sci 472:107–125

    Article  Google Scholar 

  21. Shen J, Shen J, Chen X, Huang X, Susilo W (2017) An efficient public auditing protocol with novel dynamic structure for cloud data. IEEE Trans Inf Forensics Secur 12(10):2402–2415

    Article  Google Scholar 

  22. Yang G, Yu J, Shen W, Su Q, Fu Z, Hao R (2016) Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability. J Syst Softw 113(C):130–139

    Article  Google Scholar 

  23. He K, Huang C, Yang K, Shi J (2015) Identity-preserving public auditing for shared cloud data. In: IEEE International Symposium on Quality of Service, pp 159–164

  24. Yu J, Hao R (2019) Comments on “SEPDP: secure and efficient privacy preserving provable data possession in cloud storage”. IEEE Trans Serv Comput. https://doi.org/10.1109/TSC.2019.2912379

    Article  Google Scholar 

  25. Yu J, Ren K, Wang C, Varadharajan V (2017) Enabling cloud storage auditing with key-exposure resistance. IEEE Trans Inf Forensics Secur 10(6):1167–1179

    Google Scholar 

  26. Yu J, Wang H (2017) Strong key-exposure resilient auditing for secure cloud storage. IEEE Trans Inf Forensics Secur 12(8):1931–1940

    Article  Google Scholar 

  27. Zhang X, Wang H, Xu C (2019) Identity-based key-exposure resilient cloud storage public auditing scheme from lattices. Inf Sci 472:223–234

    Article  Google Scholar 

  28. Xu Y, Sun S, Cui J, Zhong H (2019) Intrusion-resilient public cloud auditing scheme with authenticator update. Inf Sci. https://doi.org/10.1016/j.ins.2019.09.080

    Article  Google Scholar 

  29. Yu Y, Man HA, Mu Y, Tang S, Ren J, Susilo W, Dong L (2015) Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage. Int J Inf Secur 14(4):307–318

    Article  Google Scholar 

  30. Shen W, Qin J, Yu J, Hao R, Hu J, Ma J (2019) Data integrity auditing without private key storage for secure cloud storage. IEEE Trans Cloud Comput. https://doi.org/10.1109/TCC.2019.2921553

    Article  Google Scholar 

  31. Nan F, Tian H, Wang T, Cai Y, Chen Y et al (2019) A collusion-resistant public auditing scheme for shared cloud data. Int J Inf Technol Manag 18(2/3):195–212

    Google Scholar 

Download references

Acknowledgements

This research is supported by National Natural Science Foundation of China (61572267, 61572412), National Development Foundation of Cryptography (MMJJ20170118, MMJJ20170126), the Key Research and Development Project of Shandong Province(2019GGX101051), the Open Project of the State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences (2019-MS-03).

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Rong Hao.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bai, J., Hao, R. Comment on “Privacy-preserving public auditing for non-manager group shared data”. J Supercomput 76, 5563–5577 (2020). https://doi.org/10.1007/s11227-019-03094-z

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-019-03094-z

Keywords

Navigation