An Enhanced Multi-replica Auditing Protocol Based on Obfuscation
摘要
With the introduction of Third-Party Auditor (TPA), cloud auditing technology has achieved significant advancements. Sang et al. proposed an obfuscation-based cloud auditing scheme that delegates complex verification tasks to cloud servers, effectively reducing the computational burden on TPA. While claiming lightweight implementation with low computational cost and resistance to replacement attacks, our thorough analysis reveals critical vulnerabilities in their scheme. Specifically, malicious cloud servers can exploit historical data blocks to successfully respond to all subsequent audit challenges, making the verification mechanism entirely ineffective. To address this issue, we propose an efficient security-enhanced solution that eliminates the vulnerability with minimal additional computational costs. Experimental evaluations demonstrate that the improved scheme achieves significant security enhancement with only an approximate 5ms additional computational cost compared to the original scheme.