On the Security of a Cloud Data Storage Auditing Protocol IPAD | SpringerLink
Skip to main content
Springer Nature Link
Log in

On the Security of a Cloud Data Storage Auditing Protocol IPAD

  • Conference paper
  • First Online:
Advances in Internetworking, Data & Web Technologies (EIDWT 2017)

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 6))

Abstract

Nowadays cloud data storage is a very important storage service for us, but to ensure the datum stored in the remote cloud server remains unmodified, we need a mechanism to check the datum’s integrity, cloud data storage auditing protocol is such a mechanism, which has received great attention from researchers. Recently Zhang et al. proposed an efficient ID-based public auditing protocol called IPAD for the outsourced data by combing Waters signature and public auditing for the outsourced data. They claimed IPAD is the first ID-based auditing protocol for data integrity in the standard security model. But in this paper we show their proposal is not secure. Especially, the adversaries can easily generate tags for any file, which obviously break the unforgeability property of the cloud storage auditing protocol.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
¥17,985 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
JPY 3498
Price includes VAT (Japan)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
JPY 22879
Price includes VAT (Japan)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
JPY 28599
Price includes VAT (Japan)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.: Provable data possession at untrusted stores. In: Ning, P., di Vimercati, S.D.C., Syverson, P.F. (eds.) ACM CCS 2007, pp. 598–609. ACM Press, Alexandria (2007)

    Google Scholar 

  2. Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Kissner, L., Peterson, Z.N.J., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14(1), 12 (2011)

    Article  Google Scholar 

  3. Juels, A., Kaliski Jr, B.S.: PORS: proofs of retrievability for large files. In: Ning, P., di Vimercati S.D.C., Syverson P.F. (eds.) ACM CCS 2007, pp. 584–597. ACM Press, Alexandria (2007)

    Google Scholar 

  4. Shacham, H., Waters, B.: Compact proofs of retrievability. In: Pieprzyk, J. (ed.) ASIACRYPT 2008. LNCS, vol. 5350, pp. 90–107. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  5. Shi, E., Stefanov, E., Papamanthou, C.: Practical dynamic proofs of retrievability. In: Sadeghi, A.R., Gligor, V.D., Yung, M. (eds.) ACM CCS 2013, pp. 325–336. ACM Press, Berlin (2013)

    Google Scholar 

  6. Cash, D., Küpçü, A., Wichs, D.: Dynamic proofs of retrievability via oblivious RAM. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 279–295. Springer, Berlin (2013)

    Google Scholar 

  7. Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2012)

    Article  Google Scholar 

  8. Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)

    Article  Google Scholar 

  9. Wang, B., Baochun, L., Hui, L.: Public auditing for shared data with efficient user revocation in the cloud. In: Proceedings of the 33th Conference on Information Communications (INFOCOM 2013), pp. 2750–2758. IEEE Press (2013)

    Google Scholar 

  10. Yuan, J., Yu, S.: Proofs of retrievability with public verifiability and constant communication cost in cloud. In: Proceedings of the 2013 International Workshop on Security in Cloud Computing, Cloud Computing, pp. 19–26 (2013)

    Google Scholar 

  11. Wang, C., Chow, S., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)

    Article  MathSciNet  Google Scholar 

  12. Yu, Y., Zhang, Y., Ni, J., Au, M., Chen, L., Liu, H.: Remote data possession checking with enhanced security for cloud storage. Future Gener. Comput. Syst. 52, 77–85 (2014). doi:10.1016/j.future.2014.10.006

    Article  Google Scholar 

  13. Yu, Y., Au, M.H., Ateniese, G., Huang, X., Susilo, W., Dai, Y., Min, G.: Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans. Inf. Forensics Secur. 12(4), 767–778 (2016). doi:10.1109/TIFS.2016.2615853

    Article  Google Scholar 

  14. Zhu, Y., Hu, H., Ahn, G., Yu, M.: Cooperative provable data possession for integrity verification in multi cloud storage. IEEE Trans. Parallel Distrib. Syst. 23(12), 2231–2244 (2012)

    Article  Google Scholar 

  15. Halevi, S., Harnik, D., Pinkas, B., Shulman-Peleg, A.: Proofs of ownership in remote storage systems. In: Chen, Y., Danezis, G., Shmatikov, V. (eds.) ACM CCS 2011, pp. 491–500. ACM Press, Chicago (2011)

    Google Scholar 

  16. Zheng, Q., Xu, S.: Secure and efficient proof of storage with deduplication. Cryptology ePrint Archive, Report 2011/529 (2011). http://eprint.iacr.org/2011/529

  17. Yuan, J., Yu, S.: Public integrity auditing for dynamic data sharing with multi-user modification. IEEE Trans. Inf. Forensics Secur. 10(8), 1717–1726 (2015)

    Article  Google Scholar 

  18. Yu, Y., Li, Y., Ni, J., Yang, G., Mu, Y., Susilo, W.: Comments on “public integrity auditing for dynamic data sharing with multi-user modification”. IEEE Trans. Inf. Forensics Secur. 11(3), 658–659 (2016)

    Article  Google Scholar 

  19. Yuan, J., Yu, S.: PCPOR: public and constant-cost proofs of retrievability in cloud. J. Comput. Secur. 23, 403–425 (2015)

    Article  Google Scholar 

  20. Yuan, J., Yu, S.: Efficient public integrity checking for cloud data sharing with multi-user modification. In: Proceedings of the 33rd Conference on Information Communications (INFOCOM 2014), pp. 2121–2129. IEEE Press (2014)

    Google Scholar 

  21. Puzar, M., Plagemann, T.: Data sharing in mobile ad-hoc networks-a study of replication and performance in the MIDAS data space. Int. J. Space-Based Situated Comput. 1(2/3), 137–150 (2015)

    Article  Google Scholar 

  22. Petrlic, R., Sekula, S., Sorge, C.: A privacy-friendly architecture for future cloud computing. Int. J. Grid Util. Comput. 4(4), 265–277 (2013)

    Article  Google Scholar 

  23. Wang, Y., Du, J., Cheng, X., Liu, Z., Lin, K.: Degradation and encryption for outsourced PNG images in cloud storage. Int. J. Grid Util. Comput. 7(1), 22–28 (2016)

    Article  Google Scholar 

  24. Ye, X., Khoussainov, B.: Fine-grained access control for cloud computing. Int. J. Grid Util. Comput. 4(2/3), 160–168 (2013)

    Article  Google Scholar 

  25. Zhang, J., Li, P., Mao, J.: IPad: ID-based public auditing for the outsourced data in the standard model. Cluster Comput. 19(1), 127–138 (2016). doi:10.1007/s10586-015-0511-3

    Article  Google Scholar 

Download references

Acknowledgements

This work is supported by Nature Science Foundation of China (Grant NO. U1636114, 61572521) and Natural Science Foundation of Shaanxi Province (Grant No. 2016JQ6037) and Guangxi Key Laboratory of Cryptography and Information Security (Grant No. GCIS201610).

Author information

Authors and Affiliations

  1. Key Laboratory of Cryptology and Information Security, Engineering University of CAPF, Xi’an, 710086, China

    Xu An Wang, Xiaoshuang Luo & Xiaoyuan Yang

  2. Guangxi Key Laboratory of Cryptography and Information Security, Guilin University of Electronic Technology, Guilin, People’s Republic of China

    Xu An Wang

  3. State Key Laboratory of Integrated Service Networks, Xidian University, Xi’an, 710071, China

    Jindan Zhang

Authors
  1. Xu An Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xiaoshuang Luo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jindan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Xiaoyuan Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xu An Wang .

Editor information

Editors and Affiliations

  1. Fukuoka Institute of Technology, Fukuoka, Japan

    Leonard Barolli

  2. School of Computer Sciences, Hubei University of Technology, Wuhan, China

    Mingwu Zhang

  3. Department of Electronic Technology, Key, Engineering University of CAPF, Xi’an, Xizang, China

    Xu An Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this paper

Cite this paper

Wang, X.A., Luo, X., Zhang, J., Yang, X. (2018). On the Security of a Cloud Data Storage Auditing Protocol IPAD. In: Barolli, L., Zhang, M., Wang, X. (eds) Advances in Internetworking, Data & Web Technologies. EIDWT 2017. Lecture Notes on Data Engineering and Communications Technologies, vol 6. Springer, Cham. https://doi.org/10.1007/978-3-319-59463-7_61

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-59463-7_61

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-59462-0

  • Online ISBN: 978-3-319-59463-7

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation