Title: Comments on a dynamic cloud data integrity verification scheme: security analysis and improvement
Authors: Hao Yan; Zheng Zhang; Yanan Liu; Shuo Qiu; Qiuling Wu
Addresses: School of Network Security, Jinling Institute of Technology, Nanjing, 21000, China; Xi'an Innovation College, Yan'an University, Xi'an, 710000, China ' School of Network Security, Jinling Institute of Technology, Nanjing, 21000, China ' School of Network Security, Jinling Institute of Technology, Nanjing, 21000, China ' School of Network Security, Jinling Institute of Technology, Nanjing, 21000, China ' School of Network Security, Jinling Institute of Technology, Nanjing, 21000, China
Abstract: To ensure the integrity and reliability of the data on cloud servers, many public data verification schemes have been presented to allow data auditors to remotely audit the data integrity without fetching the data back. Recently, Zhao et al. (2021) proposed a dynamic data integrity audition scheme for cloud computing based on the dynamic array multi-branch tree (MBT). In their scheme, each leaf node x stores a hash value H(x) which relates to all the hash values of blocks in its block array. Because the value H(x) is always used to generate the integrity proof when any block linked to x is challenged, the attacker can deceive the auditor by replacing the challenged block with another one in the same block array. To address this problem of Zhao's scheme, we add a new index i for each block in the block array, which can ensure the uniqueness of each block to resist the replacement attack. Moreover, the algorithms of label generation and proof verification in Zhao's scheme are also upgraded to keep the soundness of the scheme. We give the security proof of the new scheme and make comprehensive performance analyses showing that compared with the original algorithms in Zhao's scheme, only negligible costs such as hash are brought to the new ones.
Keywords: cloud storage; data integrity checking; security analysis; improved scheme.
International Journal of Security and Networks, 2023 Vol.18 No.2, pp.125 - 132
Received: 30 Jan 2023
Accepted: 06 Feb 2023
Published online: 20 Jun 2023 *