Another Look at Ciphertext Updating Algorithms for Cloud Storage

Ciphertext updating is a basic requirement for cloud storage, such as updating the data contents for the data owners, revoking the old data users and sharing the encrypted data contents for new users etc. Recently, several famous ciphertext updating algorithms for cloud storage have been proposed. However, we observe that almost all of them relying the cloud to implement this updating without any auditing mechanism. But we know the cloud can only be semi-trusted, without any auditing mechanism the cloud can implement the updating algorithm with arbitrary departure, such as replacing the original ciphertexts with any new invalid ciphertexts as the updating algorithm´s output. By reviewing of these algorithms, we give another look on the security of them. We think the security weakness is essential, and thus new techniques to implement ciphertext updating for cloud storage but with efficient (public or private) auditing mechanism should be urgently developed if these updating algorithms will be adapted in practical applications.