Comments on “A secure anti-collusion data sharing scheme for dynamic groups in the cloud”

Very recently, Zhu and Jiang (2016) [1] suggested a secure anti-collusion data sharing scheme for dynamic groups in the cloud. In this letter, we found that Zhu–Jiang's scheme is insecure against forgery attack in registration phase for existing users. Our proposed attack demonstrates that any...

Full description

Saved in:
Bibliographic Details
Published inInformation processing letters Vol. 140; pp. 34 - 36
Main Authors Wang, Qiang, Zhang, Hao, Sun, Jianfei, Xiong, Hu, Qin, Zhiguang
Format Journal Article
LanguageEnglish
Published Elsevier B.V 01.12.2018
Subjects
Anti-collusion
Data sharing
Dynamic group
Forgery attack
Data sharing
Anti-collusion
Forgery attack
Dynamic group
Online AccessGet full text

Cover

More Information
Summary:Very recently, Zhu and Jiang (2016) [1] suggested a secure anti-collusion data sharing scheme for dynamic groups in the cloud. In this letter, we found that Zhu–Jiang's scheme is insecure against forgery attack in registration phase for existing users. Our proposed attack demonstrates that any outside adversary can masquerade as the group manager to issue invalid or expired secret keys to the existing group users. After that, we present our suggestion to tackle the problem without sacrificing any original characters (such as high efficiency and group-dynamicity) of the scheme. •Zhu and Jiang suggested a secure data sharing scheme for dynamic groups in the cloud.•We show that an attacker can personate the group manager to issue the private keys.•A fix is also suggested without losing any feature of the original scheme.
ISSN:0020-0190
1872-6119
DOI:10.1016/j.ipl.2018.04.005