Toward Usable Cloud Storage Auditing, Revisited

In recent years, how to design secure and efficient cloud storage auditing (CSA) protocols, which enable users to verify whether the cloud server still keeps their stored data undamaged, is a research hotspot, and many candidates were proposed. Recently, Chen et al. (2020) just suggested a usable CSA (UCSA) protocol by combining error correcting codes with homomorphic authentication technique, and claimed that their protocol is secure. However, in this article, we analyze the security of Chen et al.’s construction and find that this protocol is completely insecure. In particular, after receiving data owner’s authenticated data, the cloud server only needs to compute and store the much shorter parity codes (derived from all the data blocks) instead of the blocks themselves. Then, it can correctly forge and return a proof, which is able to pass the checking of the verifier, even if it does not truly store original data blocks. In addition, we provide an improved UCSA (iUCSA) protocol on the remedy of the weaknesses of Chen et al.’s scheme. A detailed security analysis is also performed within the framework of Chen et al. Finally, the performance analysis shows that the protocol iUCSA is practical.