Comments on “A secure anti-collusion data sharing scheme for dynamic groups in the cloud”

Very recently, Zhu and Jiang (2016) [1] suggested a secure anti-collusion data sharing scheme for dynamic groups in the cloud. In this letter, we found that Zhu-Jiang's scheme is insecure against forgery attack in registration phase for existing users. Our proposed attack demonstrates that any outside adversary can masquerade as the group manager to issue invalid or expired secret keys to the existing group users. After that, we present our suggestion to tackle the problem without sacrificing any original characters (such as high efficiency and group-dynamicity) of the scheme.