Improving the Security of a Public Auditing Scheme for Multiple-Replica Dynamic Data

  • Jing Lu
  • Yuxiang Chen
  • Hui TianEmail author
  • Yonghong Chen
  • Tian Wang
  • Yiqiao Cai
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11338)


Cloud auditing is a significant technique for determining the security of data owners’ data in cloud. However, multiple-replica places greater demands on cloud auditing, where not only the integrity of each data replica but also the number of replicas should be checked. Moreover, it is also significant to support dynamical updating for multiple-replica data. Therefore, how to achieve secure and effective multiple-replica dynamic data auditing is a cutting-edge issue for cloud auditing. Recently, an efficient multi-replica dynamic data auditing scheme (IEEE Transactions on Information Forensics & Security, DOI: 10.1109/TIFS.2014.2384391) was presented to address this issue. Unfortunately, there is a security defect in this protocol, as we demonstrate in this paper. Specifically, a dishonest cloud storage provider can store an aggregation of all data copies instead of each replica itself without being detected by an auditor. Accordingly, we suggest a solution to resolve the problem while preserving all the properties of the original protocol.


Cloud storage Multi-replica Public auditing 



This work was supported in part by National Natural Science Foundation of China under Grant Nos. U1405254 and U1536115, Natural Science Foundation of Fujian Province of China under Grant No. 2018J01093, Research Project for Young Teachers in Fujian Province (Program for High-Education Informationization) under Grant No. JAT170055, and Program for Science and Technology Innovation Teams and Leading Talents of Huaqiao University under Grant No. 2014KJTD13.


  1. 1.
    Ren, K., Wang, C., Wang, Q.: Security challenges for the public cloud. IEEE Internet Comput. 16(1), 69–73 (2012)CrossRefGoogle Scholar
  2. 2.
    Wang, Q., Wang, C., Ren, K., Lou, W., Li, J.: Enabling public auditability and data dynamics for storage security in cloud computing. IEEE Trans. Parallel Distrib. Syst. 22(5), 847–859 (2011)CrossRefGoogle Scholar
  3. 3.
    Tian, H., et al.: Dynamic-hash-table based public auditing for secure cloud storage. IEEE Trans. Serv. Comput. 10, 701–714 (2017)CrossRefGoogle Scholar
  4. 4.
    Wang, C., Chow, S.S.M., Wang, Q., Ren, K., Lou, W.: Privacy-preserving public auditing for secure cloud storage. IEEE Trans. Comput. 62(2), 362–375 (2013)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Yu, Y., et al.: Identity-based remote data integrity checking with perfect data privacy preserving for cloud storage. IEEE Trans. Inf. Forensics Secur. 12(4), 767–778 (2017)CrossRefGoogle Scholar
  6. 6.
    Wang, B., Li, B., Li, H.: Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans. Cloud Comput. 2(1), 43–56 (2014)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Wang, B., Li, B., Li, H.: Panda: public auditing for shared data with efficient user revocation in the cloud. IEEE Trans. Serv. Comput. 8(1), 92–106 (2015)CrossRefGoogle Scholar
  8. 8.
    Hao, Z., Yu, N.: A multiple-replica remote data possession checking protocol with public verifiability. In: Proceedings of the 2nd International Symposium on Data, Privacy and E-Commerce (ISDPE), pp. 84–89 (2010)Google Scholar
  9. 9.
    Liu, C., Ranjan, R., Yang, C., Zhang, X., Wang, L., Chen, J.: MUR-DPA: top-down levelled multi-replica merkle hash tree based secure public auditing for dynamic big data storage on cloud. IEEE Trans. Comput. 64(9), 2609–2622 (2015)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Barsoum, A.F., Hasan, M.A.: Provable multicopy dynamic data possession in cloud computing systems. IEEE Trans. Inf. Forensics Secur. 10(3), 485–497 (2015)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Jing Lu
    • 1
  • Yuxiang Chen
    • 2
  • Hui Tian
    • 2
    Email author
  • Yonghong Chen
    • 2
  • Tian Wang
    • 2
  • Yiqiao Cai
    • 2
  1. 1.Network Technology CenterNational Huaqiao UniversityXiamenChina
  2. 2.College of Computer Science and TechnologyNational Huaqiao UniversityXiamenChina

Personalised recommendations