Public auditing protocol is crucial for the success of cloud computing, as it can ensure the outsourced data in cloud server are not tampered by attackers. Due to its importance, public auditing protocol has received considerable attention in the past years. In 2015, Liu et al. proposed a privacy-preserving public auditing protocol for regenerating-code-based cloud storage (IEEE Transactions on Information Forensics and Security, 10(7):1513_1528, 2015) and claimed it is secure under the considered security model. However, in this article, we will show that their protocol is not as secure as they claimed, i.e., the proxy delegated by the data owner can forge an authenticator for any data block, which obviously invalidates their protocol’s security. We hope that by identifying the design flaw, similar weaknesses can be avoided in future protocol design.

中文翻译：

---

对__用于重新生成基于代码的云存储的隐私保护公共审计协议_的评论


公共审计协议对于云计算的成功至关重要，因为它可以确保云服务器中的外包数据不被攻击者篡改。由于其重要性，公共审计协议在过去几年中受到了相当多的关注。 2015 年，刘等人。提出了一种用于基于重新生成代码的云存储的隐私保护公共审计协议（IEEE Transactions on Information Forensics and Security, 10(7):1513_1528, 2015），并声称它在所考虑的安全模型下是安全的。然而，在本文中，我们将证明他们的协议并不像他们声称的那样安全，即数据所有者委托的代理可以伪造任何数据块的验证器，这显然使他们的协议的安全性失效。我们希望通过识别设计缺陷，可以在未来的协议设计中避免类似的弱点。