International Journal of Research

Provable data possession (PDP) is a probabilistic proof technique for cloud service providers (CSPs) to prove the clients’ data integrity without downloading the whole data. In 2012, Zhu et al. proposed the construction of an efficient PDP scheme for multi cloud storage. They studied the existence of multiple CSPs to cooperatively store and maintain the clients’ data. Then, based on homomorphic verifiable response and hash index hierarchy, they presented a cooperative PDP (CPDP) scheme from the bilinear pairings. They claimed that their scheme satisfied the security property of knowledge soundness. It is regretful that this comment shows that any malicious CSP or the malicious organizer (O) can generate the valid response which can pass the verification even if they have deleted all the stored data, i.e., Zhu et al.’s CPDP scheme cannot satisfy the property of knowledge soundness. Then, we discuss the origin and severity of the security flaws.
KEYWORDS: Provable Data Possession(PDP); Cloud Service Provider (CSP); Cooperative PDP(CPDP); Hash Index Hierarchy; Provable Data Possession; Proofs of Retrievability; Trusted Third Party (TTP); Third Party Auditor(TPA)