In 2013, the revelation of Edward Snowden rekindled cryptographic researchers’ interest in subversion attacks. Since then, many works have been carried out to explore the power of subversion attacks and feasible effective countermeasures as well. In this work, we investigate the study of subversion attacks against cloud auditing protocol, which has been well-known as useful primitive for secure cloud storage. We demonstrate that subverted auditing protocol enables the cloud server to recover secret information stored on the data owner side. Particularly, we first define an asymmetric subversion attack model for auditing protocol. This model serves as the principle for analyzing the undetectability and key recovery of subversion attacks against auditing protocols. We then show a general framework of asymmetric subversion attacks against auditing protocols with index-coefficient challenge. To illustrate the feasibility of our paradigm, several concrete auditing protocols are provided. As a feasible countermeasure, we propose a subversion-resilient auditing protocol with index-coefficient challenge.

中文翻译：

---

针对颠覆攻击的审计协议的安全性

2013 年，爱德华·斯诺登的揭露重新点燃了密码学研究人员对颠覆攻击的兴趣。从那时起，已经开展了许多工作来探索颠覆攻击的威力以及可行的有效对策。在这项工作中，我们调查了针对云审计协议的颠覆攻击的研究，该协议被公认为是安全云存储的有用原语。我们证明了颠覆性审计协议使云服务器能够恢复存储在数据所有者端的秘密信息。特别是，我们首先为审计协议定义了一个非对称颠覆攻击模型。该模型作为分析针对审计协议的颠覆攻击的不可检测性和密钥恢复的原理。然后，我们展示了针对具有索引系数挑战的审计协议的非对称颠覆攻击的一般框架。为了说明我们范式的可行性，提供了几个具体的审计协议。作为一种可行的对策，我们提出了一种具有索引系数挑战的颠覆弹性审计协议。