Privacy-Preserving Public Auditing for Shared Cloud Data With Secure Group Management

Abstract

With cloud storage services, users can store their data in the cloud and efficiently access the data at any time and any location. However, when data are stored in the cloud, there is a risk of data loss because users lose direct control over their data. To solve this problem, many cloud storage auditing techniques have been studied. In 2019, Tian et al. proposed a public auditing scheme for shared data that supports data privacy, identity traceability, and group dynamics. In this paper, we point out that their scheme is insecure against tag forgery or proof forgery attacks, which means that, even if the cloud server has deleted some outsourced data, it can still generate valid proof that the server had accurately stored the data. We then propose a new scheme that provides the same functionalities and is secure against the above attacks. Moreover, we compare the results with other schemes in terms of computation and communication costs.