Due the advent of new wireless communication, Internet of Things (IoT) and cloud computing, outsourcing the data processing and management to the cloud servers has become a typical transformative computing paradigm. In this context, a cloud auditing protocol is an effective way to check the data integrity for cloud data management. We present a cryptanalysis of two recently proposed certificateless public verifiable auditing protocols, the Zhang et al.’s protocol and the Kang et al.’s protocol. We argue that the tags in the Zhang et al.’s protocol and the semi-tags in the Kang et al.’s protocol can be forged, leading to insecure protocols. We propose improved versions of both protocols and analyze their security and efficiency. Our new protocols can be used as a very effective way for checking the integrity of outsourced cloud storage in the context of transformative computation.

由于新的无线通信，物联网（IoT）和云计算的出现，将数据处理和管理外包到云服务器已成为一种典型的变革性计算范例。在这种情况下，云审核协议是检查数据完整性以进行云数据管理的有效方法。我们对两种最近提出的无证书的公共可验证审计协议（Zhang等人的协议和Kang等人的协议）进行了加密分析。我们认为，Zhang等人的协议中的标签和Kang等人的协议中的半标签可能是伪造的，从而导致协议不安全。我们提出了这两种协议的改进版本，并分析了它们的安全性和效率。