Cryptanalysis of an integrity checking scheme for cloud data sharing

Cloud storage provides an efficient way for users to work together as a group by sharing data with each other. However, since shared data can be accessed and modified by multiple users and group membership may be changed frequently, this new paradigm poses many challenges for keeping integrity of shared data. Recently, Yuan et al. proposed an efficient integrity checking scheme (IEEE INFOCOM 2014, doi: 10.1109/INFOCOM.2014.6848154) for cloud data sharing with multi-user modification, which had many appealing features. They claimed that the scheme is secure and efficient, and they also provided the formal security proof and the performance evaluation. Regretfully, existing two security flaws in Yuan et al.'s scheme are pointed out in this letter. Specifically, by fooling the third-party auditor (TPA) into trusting that the data is well maintained by the cloud server, an adversary can process the following two deceiving methods. Firstly, the adversary can modify the shared data and tamper with the interaction messages between the cloud server and the TPA, thus invalidating shared data integrity checking. Secondly, an adversary, who records a fraction of the cloud-stored data, can overwrite the vast majority of the shared data by using the recorded data and passing shared data integrity verification. Furthermore, we suggest a solution to the two security flaws while retaining all the desirable features of the original scheme.