With the introduction of Third-Party Auditor (TPA), cloud auditing technology has achieved significant advancements. Sang et al. proposed an obfuscation-based cloud auditing scheme that delegates complex verification tasks to cloud servers, effectively reducing the computational burden on TPA. While claiming lightweight implementation with low computational cost and resistance to replacement attacks, our thorough analysis reveals critical vulnerabilities in their scheme. Specifically, malicious cloud servers can exploit historical data blocks to successfully respond to all subsequent audit challenges, making the verification mechanism entirely ineffective. To address this issue, we propose an efficient security-enhanced solution that eliminates the vulnerability with minimal additional computational costs. Experimental evaluations demonstrate that the improved scheme achieves significant security enhancement with only an approximate 5ms additional computational cost compared to the original scheme.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

An Enhanced Multi-replica Auditing Protocol Based on Obfuscation

  • Hao Liu,
  • Xu An Wang,
  • Xiaoyuan Yang,
  • Weidong Zhong

摘要

With the introduction of Third-Party Auditor (TPA), cloud auditing technology has achieved significant advancements. Sang et al. proposed an obfuscation-based cloud auditing scheme that delegates complex verification tasks to cloud servers, effectively reducing the computational burden on TPA. While claiming lightweight implementation with low computational cost and resistance to replacement attacks, our thorough analysis reveals critical vulnerabilities in their scheme. Specifically, malicious cloud servers can exploit historical data blocks to successfully respond to all subsequent audit challenges, making the verification mechanism entirely ineffective. To address this issue, we propose an efficient security-enhanced solution that eliminates the vulnerability with minimal additional computational costs. Experimental evaluations demonstrate that the improved scheme achieves significant security enhancement with only an approximate 5ms additional computational cost compared to the original scheme.