Cryptanalysis of a Privacy Preserving Auditing for Data Integrity Protocol from TrustCom 2013

Bi, Jingguo; Liu, Jiayang

doi:10.1007/978-3-319-49151-6_3

Jingguo Bi^17,18 &
Jiayang Liu¹⁹

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10060))

Included in the following conference series:

International Conference on Information Security Practice and Experience

1110 Accesses

Abstract

At TrustCom 2013, Govinda Ramaiah and Vijaya Kumari proposed a new protocol for verifying the integrity of the data stored at the remote cloud server, based on a practical version of homomorphic encryption based on integers. This protocol attempted to combine the data integrity and confidentiality in new ways. The authors claimed that the privacy guarantee of this new protocol is totally dependent on the security of the homomorphic encryption scheme. In this paper, we present a chosen-plaintext attack on this homomorphic encryption scheme. Our attack only needs to apply LLL algorithm twice on two small dimension lattices, and the experiments data shows that the user data can be recovered in seconds for the security parameters recommended by the authors. Hence, the privacy of the user data in this protocol can not be guaranteed and the security of this protocol is overestimated.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Ajtai, M.: Generating random lattices according to the invariant distribution, Draft of March 2006
Google Scholar
Coron, J.-S., Lepoint, T., Tibouchi, M.: Scale-invariant fully homomorphic encryption over the integers. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 311–328. Springer, Heidelberg (2014). doi:10.1007/978-3-642-54631-0_18
Chapter Google Scholar
Chen, Y., Paxson, V., Katz, R.H.: Whats new about cloud computing security. Technical report No. UCB/EECS-2010-5, University of California, Berkeley (2010)
Google Scholar
Cadé, D., Pujol, X., Stehlé, D.: FPLLL library, version 3.0 (2008) http://perso.ens-lyon.fr/damien.stehle
Cheon, J.H., Stehlé, D.: Fully homomophic encryption over the integers revisited. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 513–536. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46800-5_20
Google Scholar
Galbraith, S.D., Gebregiyorgis, S.W., Murphy, S.: Algorithms for the approximate common divisor problem. In: Proceedings of ANTS 2016, to appear. http://eprint.iacr.org/2016/215
Juels, A., Kaliski Jr., B.S.: PoRs: proofs of retrievability for large files. In: Proceedings of ACM-CCS 2007, pp. 584–597 (2007)
Google Scholar
Shah, A.M., Swaminathan, R., Baker, M.: Privacy-preserving audit and extraction of digital contents. Cryptology ePrint Archive, Report 2008/186 (2008)
Google Scholar
Govinda Ramaiah, Y., Vijaya Kumari, G.: Complete privacy preserving auditing for data integrity in cloud computing. In: TrustCom 2013, pp. 1559–1566 (2013)
Google Scholar
Lenstra, A.K., Lenstra, H.W., Lovász, L.: Factoring polynomials with rational coefficients. Mathematische Ann. 261, 513–534 (1982)
MathSciNet MATH Google Scholar
Govinda Ramaiah, Y., Vijaya Kumari, G.: Efficient public key homomorphic encryption over integer plaintexts. In: ISIC 2012, pp. 126–131. IEEE (2012)
Google Scholar
Nguyen, P., Stern, J.: Merkle-Hellman revisited: a cryptanalysis of the Qu-Vanstone cryptosystem based on group factorizations. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 198–212. Springer, Heidelberg (1997). doi:10.1007/BFb0052236
Chapter Google Scholar
Nguyen, P.Q., Stehlé, D.: An LLL algorithm with quadratic complexity. SIAM J. Comput. 39(3), 874–903 (2009)
Article MathSciNet MATH Google Scholar
Shoup, V.: NTL, Number Theory C++ Library. http://www.shoup.net/ntl/

Download references

Acknowledgments

This paper is partially supported by: 973 Program grant 2013CB834205, NSF of China under grants No. 61502269, 61133013 and 61272035.

Author information

Authors and Affiliations

Institute for Advanced Study, Tsinghua University, Beijing, 100084, China
Jingguo Bi
State Key Laboratory of Cryptology, P. O. Box 5159, Beijing, 100878, China
Jingguo Bi
Department of Computer Science and Technology, Tsinghua University, Beijing, 100084, China
Jiayang Liu

Authors

Jingguo Bi
View author publications
You can also search for this author in PubMed Google Scholar
Jiayang Liu
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jingguo Bi .

Editor information

Editors and Affiliations

Huawei International, Singapore, Singapore
Feng Bao
University of Surrey, Guilford, Surrey, United Kingdom
Liqun Chen
Singapore Management University, Singapore, Singapore
Robert H. Deng
Guangzhou University, Guangzhou, Guangdong, China
Guojun Wang

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Bi, J., Liu, J. (2016). Cryptanalysis of a Privacy Preserving Auditing for Data Integrity Protocol from TrustCom 2013. In: Bao, F., Chen, L., Deng, R., Wang, G. (eds) Information Security Practice and Experience. ISPEC 2016. Lecture Notes in Computer Science(), vol 10060. Springer, Cham. https://doi.org/10.1007/978-3-319-49151-6_3

Download citation

DOI: https://doi.org/10.1007/978-3-319-49151-6_3
Published: 05 November 2016
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49150-9
Online ISBN: 978-3-319-49151-6
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics