An efficient and secure identity-based integrity auditing scheme for sensitive data with anti-replacement attack on multi-cloud storage

The rapid growth of cloud storage brings forth significant difficulties in ensuring the integrity of data owners' sensitive data. Multi-cloud storage systems, which motive to enhance trustworthiness, are vulnerable to rigorous replacement attacks. These insidious attacks involve malicious actors substituting legitimate data with counterfeit versions, leading to compromised integrity and fraudulent audit outcomes. We propose a novel identity-based data integrity auditing protocol tailored for multi-cloud storage environments to tackle this challenge. Our protocol leverages a Third-Party Auditor (TPA) to delegate data authenticity and auditing responsibilities, employing identity-based blind signatures with a robust data recovery scheme. By eliminating the need for cumbersome public key certificate management, our solution effectively protects data owners' sensitive data while ensuring confidentiality across multiple cloud providers, thereby mitigating the risk of replacement attacks. A thorough security examination shows the proposed system resists forging, replacement attacks, and data confidentiality violations. A rigorous performance experiment also reveals outstanding computational and communication efficiency that outperforms current methods in tag production, proof generation, and verification. Our protocol offers an extraordinary balance of security and efficiency, making it particularly useful for auditing patent-sensitive data in multi-cloud storage. Our proposal provides a timely and effective way to protect sensitive data and prevent attackers in multi-cloud storage settings at a time when replacement attacks pose a serious concern. (c) 2023 The Authors. Published by Elsevier B.V. on behalf of King Saud University. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).