International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News item: 30 June 2015

Cl\\\'{e}mentine Gritti, Willy Susilo, Thomas Plantard, Rongmao Chen
ePrint Report ePrint Report
An efficient Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy was recently published in ACISP\'15.

It appears that three attacks menace this scheme.

The first one enables the server to store only one block of a file $m$ and still pass the data integrity verification on any number of file blocks.

The second attack permits the server to keep the old version of a file block $m_{i}$ and the corresponding verification metadata $T_{m_{i}}$ after the client asked to modify them by sending the new version of these elements, and still pass the data integrity

verification.

The last attack allows the Third Party Auditor (TPA) to distinguish files when processing the data integrity checking.

In this paper, we propose several solution to overcome all the aforementioned issues.

For the two first attacks, we give two new constructions of the scheme, one using index-hash tables and the other based on the Merkle hash trees.

We compare the efficiency of these two new systems with the previous one.

For the third attack, we suggest a weaker security model for data privacy without modifying the current scheme and a new construction to enhance the security and to achieve the strongest data privacy notion.

Expand

Additional news items may be found on the IACR news page.