Enhanced Certificateless Auditing Protocols for Cloud Data Management and Transformative Computation

作者:

Highlights:

• In this paper, we first discuss a typical example in the context of transformative computing: health care in the hospital and its outsourced data management in cloud servers. We point out certificateless storage auditing protocols can be used well in this context. The doctors need to do only a very little work to ensure the outsourced data on the cloud servers is unmodified. We also point out certificateless auditing protocols can be used in many other applications.

• We propose a cryptanalysis of two recently proposed certificateless public verifiable auditing protocols to protect against malicious auditors for cyber-physical-social system, namely, the SCLPV scheme by Zhang et al. and the scheme by Kang et al.

• We show that our proposed, improved versions of these two schemes can effectively address the identified security vulnerabilities, i.e., the forgeability of the tags in the SCLPV scheme and the forgeability of the semi-tags in the Kang et al. scheme. We also present a security analysis of the proposed improved protocols to demonstrate that they are more secure than their original counterparts. Our new protocols can be used as a very effective way for checking the integrity of outsourced cloud storage in the context of transformative computation.

摘要

•In this paper, we first discuss a typical example in the context of transformative computing: health care in the hospital and its outsourced data management in cloud servers. We point out certificateless storage auditing protocols can be used well in this context. The doctors need to do only a very little work to ensure the outsourced data on the cloud servers is unmodified. We also point out certificateless auditing protocols can be used in many other applications.•We propose a cryptanalysis of two recently proposed certificateless public verifiable auditing protocols to protect against malicious auditors for cyber-physical-social system, namely, the SCLPV scheme by Zhang et al. and the scheme by Kang et al.•We show that our proposed, improved versions of these two schemes can effectively address the identified security vulnerabilities, i.e., the forgeability of the tags in the SCLPV scheme and the forgeability of the semi-tags in the Kang et al. scheme. We also present a security analysis of the proposed improved protocols to demonstrate that they are more secure than their original counterparts. Our new protocols can be used as a very effective way for checking the integrity of outsourced cloud storage in the context of transformative computation.

论文关键词:

论文评审过程:Received 29 January 2020, Revised 28 April 2020, Accepted 1 May 2020, Available online 7 June 2020, Version of Record 7 June 2020.

论文官网地址:https://doi.org/10.1016/j.ipm.2020.102287