An Improved Remote Data Integrity Verification Protocol in Cloud Storage
In the information era, more and more data are produced, which imposes a heavy burden on local storage.Fortunately, the cloud computing paradigm provides users with a feasible and inexpensive way to upload their large data files on the cloud storage server to reduce the local storage requirements.However, the cloud servers are not fully trusted, which may bring about security issues to our data.So it becomes an important problem how to ensure the security of the outsourced data.To address this issue, Sookhak et al.proposed a protocol that can verify the data integrity and support dynamic data operations without retrieving the data from the cloud server.In this paper, we illustrate that Sookhak et al.”s protocol suffers from a man-in-middle attack.One can easily tamper the data stored in the cloud server and then modify the challenge response returned by the cloud server.The modified response can pass through the verification process of the user without being detected.Furthermore, we adapt Sookhak et al.”s protocol to resist the proposed attack.It is proved that the improvement obtains a provable security goal under the integer factorization intractability assumption.We also show that the improvement is still efficient.
cloud storage data integrity man-in-middle attack provable security
Yunpeng Zhang Baocang Wang Ting Pang
State Key Laboratory of Integrated Service Networks Xidian University Xi”an 710071, China
国内会议
成都
英文
117-132
2016-07-01(万方平台首次上网日期,不代表论文的发表时间)