Abstract
At TrustCom 2013, Govinda Ramaiah and Vijaya Kumari proposed a new protocol for verifying the integrity of data stored at a remote cloud server, built on a practical version of integer-based homomorphic encryption. The protocol attempted to combine data integrity and confidentiality in new ways. The authors claimed that the privacy guarantee of the protocol depends entirely on the security of the homomorphic encryption scheme. In this paper, we present a chosen-plaintext attack on this homomorphic encryption scheme. Our attack only needs to apply the LLL algorithm twice, on two small-dimension lattices, and the experimental data show that the user data can be recovered in seconds for the security parameters recommended by the authors. Hence, the privacy of the user data in this protocol cannot be guaranteed, and the security of the protocol is overestimated.
References
Ajtai, M.: Generating random lattices according to the invariant distribution, Draft of March 2006
Coron, J.-S., Lepoint, T., Tibouchi, M.: Scale-invariant fully homomorphic encryption over the integers. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 311–328. Springer, Heidelberg (2014). doi:10.1007/978-3-642-54631-0_18
Chen, Y., Paxson, V., Katz, R.H.: What's new about cloud computing security. Technical report No. UCB/EECS-2010-5, University of California, Berkeley (2010)
Cadé, D., Pujol, X., Stehlé, D.: FPLLL library, version 3.0 (2008) http://perso.ens-lyon.fr/damien.stehle
Cheon, J.H., Stehlé, D.: Fully homomophic encryption over the integers revisited. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 513–536. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46800-5_20
Galbraith, S.D., Gebregiyorgis, S.W., Murphy, S.: Algorithms for the approximate common divisor problem. In: Proceedings of ANTS 2016, to appear. http://eprint.iacr.org/2016/215
Juels, A., Kaliski Jr., B.S.: PoRs: proofs of retrievability for large files. In: Proceedings of ACM-CCS 2007, pp. 584–597 (2007)
Shah, A.M., Swaminathan, R., Baker, M.: Privacy-preserving audit and extraction of digital contents. Cryptology ePrint Archive, Report 2008/186 (2008)
Govinda Ramaiah, Y., Vijaya Kumari, G.: Complete privacy preserving auditing for data integrity in cloud computing. In: TrustCom 2013, pp. 1559–1566 (2013)
Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Ann. 261, 513–534 (1982)
Govinda Ramaiah, Y., Vijaya Kumari, G.: Efficient public key homomorphic encryption over integer plaintexts. In: ISIC 2012, pp. 126–131. IEEE (2012)
Nguyen, P., Stern, J.: Merkle-Hellman revisited: a cryptanalysis of the Qu-Vanstone cryptosystem based on group factorizations. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 198–212. Springer, Heidelberg (1997). doi:10.1007/BFb0052236
Nguyen, P.Q., Stehlé, D.: An LLL algorithm with quadratic complexity. SIAM J. Comput. 39(3), 874–903 (2009)
Shoup, V.: NTL, Number Theory C++ Library. http://www.shoup.net/ntl/
Acknowledgments
This paper is partially supported by: 973 Program grant 2013CB834205, NSF of China under grants No. 61502269, 61133013 and 61272035.
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Bi, J., Liu, J. (2016). Cryptanalysis of a Privacy Preserving Auditing for Data Integrity Protocol from TrustCom 2013. In: Bao, F., Chen, L., Deng, R., Wang, G. (eds) Information Security Practice and Experience. ISPEC 2016. Lecture Notes in Computer Science, vol 10060. Springer, Cham. https://doi.org/10.1007/978-3-319-49151-6_3
DOI: https://doi.org/10.1007/978-3-319-49151-6_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49150-9
Online ISBN: 978-3-319-49151-6
eBook Packages: Computer Science, Computer Science (R0)