Abstract: Dynamic provable data possession (DPDP) schemes are important in cloud data security to prevent data from being lost, modified or corrupted. This paper presents a security analysis of some existing schemes based on Hash aggregation and points out some security problems in the known methods and their fundamental causes. The analysis shows that Hash aggregation can effectively reduce the storage, computation and transmission costs of verification due to dynamic data operations. One scheme had security vulnerabilities when verifying the relation between the position and the value of a data block, which can allow a substitution attack.
ZOU Jing, LI Bin, ZHANG Li, LUO Yang, SUN Yunchuan, LI Shixian. Security analysis of dynamic provable data possession based on Hash aggregation. Journal of Tsinghua University (Science and Technology), 2017, 57(11): 1145-1149, 1158.