Security Analysis on a Public POR Scheme in Cloud Storage

Jian Hong Zhang; Wen Jing Tang

doi:10.4028/www.scientific.net/AMM.556-562.5395

Paper Titles

The Tracking and Prompting of Word Operation-Questions and the Realization and Designation of Automatical Grading
p.5377

Study on Electric Vehicles Social Network
p.5381

Internet of Things Technology Implementation by Applying SDLC Model: The Intelligent Storage Management System
p.5385

Research on Networking of Stage Surveillance System
p.5391

Security Analysis on a Public POR Scheme in Cloud Storage
p.5395

Design of Networked Control System with Time-Delay and Packet Loss
p.5400

Application and Realization of Workflow Engine in OA
p.5404

Comparing of Cloud Computing and Grid Computing
p.5408

Geospatial Database Design for China – Kazakhstan Tourism Resource Information System
p.5413

HomeApplied Mechanics and MaterialsApplied Mechanics and Materials Vols. 556-562Security Analysis on a Public POR Scheme in Cloud...

Security Analysis on a Public POR Scheme in Cloud Storage

Abstract:

Data integrity is one of the biggest concerns with cloud data storage for cloud user. Besides, the cloud user’s constrained computing capabilities make the task of data integrity auditing expensive and even formidable. Recently, a proof-of-retrievability scheme proposed by Yuan et al. has addressed the issue, and security proof of the scheme was provided. Unfortunately, in this work we show that the scheme is insecure. Namely, the cloud server who maliciously modifies the data file can pass the verification, and the client who executes the cloud storage auditing can recover the whole data file through the interactive process. Furthermore, we also show that the protocol is vulnerable to an efficient active attack, which means that the active attacker is able to arbitrarily modify the cloud data without being detected by the auditor in the auditing process. After giving the corresponding attacks to Yuan et al.’s scheme, we suggest a solution to fix the problems.

You might also be interested in these eBooks

View Preview

Info:

Periodical:

Applied Mechanics and Materials (Volumes 556-562)

Pages:

5395-5399

DOI:

https://doi.org/10.4028/www.scientific.net/AMM.556-562.5395

Citation:

Cite this paper

Online since:

May 2014

Authors:

Jian Hong Zhang*, Wen Jing Tang

Keywords:

Cloud Storage, Proofs of Retrievability, Security Analysis

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

Citation:

* - Corresponding Author

References

[1] Y. Deswarte, J. J. Quisquater, A. Saïdane: Remote integrity checking[M]/Integrity and Internal Control in Information Systems VI. Springer US, 2004: 1-11.

DOI: 10.1007/1-4020-7901-x_1

Google Scholar

[2] G. Ateniese, R. Burns, R. Curtmola, et al. Provable data possession at untrusted stores[C]/Proceedings of the 14th ACM conference on Computer and communications security. ACM, 2007: 598-609.

DOI: 10.1145/1315245.1315318

Google Scholar

[3] G. Ateniese, R. Di Pietro, L. V. Mancini, et al. Scalable and efficient provable data possession[C]/Proceedings of the 4th international conference on Security and privacy in communication netowrks. ACM, 2008: 9.

DOI: 10.1145/1460877.1460889

Google Scholar

[4] C. Erway, A. Küpçü, C. Papamanthou, et al. Dynamic provable data possession[C]/Proceedings of the 16th ACM conference on Computer and communications security. ACM, 2009: 213-222.

DOI: 10.1145/1653662.1653688

Google Scholar

[5] J. Yuan, S. Yu. Proofs of retrievability with public verifiability and constant communication cost in cloud[C]/Proceedings of the 2013 international workshop on Security in cloud computing. ACM, 2013: 19-26.

DOI: 10.1145/2484402.2484408

Google Scholar