Paper 2022/581

Cryptanalysis of an Identity-Based Provable Data Possession Protocol with Compressed Cloud Storage

Lidong Han, Guangwu Xu, Qi Xie, Xiao Tan, and Chengliang Tian

Abstract

This letter addresses some security issues of an identity-based provable data possession protocol with compressed cloud storage (published in IEEE TIFS, doi:10.1109/TIFS.2022. 3159152). Some serious flaws are identified and an attack to the protocol is designed. This attack is able to recover the ephemeral secret keys from two encrypted blocks with high probability to reveal the original plaintext file completely. Moreover, an adversary can impersonate a data owner to outsource any file to the cloud in a malicious way. The main ingredients of the attack is some classical number theoretic results.

Note: This letter presents an analysis of the PDP protocol IBPDP-CCS proposed by Yang et al.. Some serious security flaws are identified and an attack to IBPDP-CCS is described. An attacker is able to recover all encrypted blocks with high probability without knowing the secret key of the owner. Furthermore, an adversary can impersonate the data owner to outsource files to the cloud.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
Cryptanalysis
Contact author(s)
ldhan @ hznu edu cn
History
2022-05-20: revised
2022-05-16: received
See all versions
Short URL
https://ia.cr/2022/581
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/581,
      author = {Lidong Han and Guangwu Xu and Qi Xie and Xiao Tan and Chengliang Tian},
      title = {Cryptanalysis of an Identity-Based Provable Data	Possession Protocol with Compressed Cloud Storage},
      howpublished = {Cryptology ePrint Archive, Paper 2022/581},
      year = {2022},
      note = {\url{https://eprint.iacr.org/2022/581}},
      url = {https://eprint.iacr.org/2022/581}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.