Abstract
Abstract Cloud storage allows users to enjoy the on-demand and high quality data storage services without the load of local data maintenance. However, the cloud server providers are not fully trusted. Whether the data over cloud servers are intact becomes a major concern of data owners. To offer cloud users with the capacity of data integrity verification, recently, Chen proposed a remote data possession checking (RDPC) protocol from algebraic signatures which achieves many desirable features such as high efficiency, short length of challenges and responses, non-block verification. Unfortunately, in this paper, we find that the protocol is vulnerable to replay attack and deletion attack launched by a dishonest server. Specifically, the server can deceive the users to believe that their data are well hold by replaying a previous evidence or re-constructing the deleted data blocks from the corresponding tags in the integrity checking process, while their data have been partially discarded in fact. Then, we present an improved scheme to fix the security flaws of the original protocol. Both the theoretical analysis and the implementation results show that the improvement is secure and practical.
| Original language | English |
|---|---|
| Article number | 2629 |
| Pages (from-to) | 77-84 |
| Number of pages | 8 |
| Journal | Future Generation Computer Systems |
| Volume | 52 |
| DOIs | |
| Publication status | Published - 29 Jul 2015 |
Keywords
- Algebraic signature
- Cloud storage
- Data integrity
- Provable security
ASJC Scopus subject areas
- Software
- Hardware and Architecture
- Computer Networks and Communications