The attack on DDIMT: Dynamic data and indirect mutual trust for cloud computing

Cloud computing offers a kind of on-demand computing method that lets users use IT resources such as network, operating system, hardware, software, application and so on when needing them. However, cloud computing faces many security issues including data integrity, data confidentiality and access control. Recently, Barsoum et al. presents a cloud-based data access scheme that allows the data owner to benefit from the facilities offered by the CSP and enables indirect mutual trust between them. They declare that their scheme can assure data integrity, newness and CSP´s defense. However, through our security analysis, their scheme still has some security vulnerabilities. It will easily suffer from the integrity attack, newness attack and CSP´s defense attack. In other words, Although CSP have corrupted the outsourced data or ignore the data-updated request issued by the owner, the CSP is able to cheat authorized user into passing through the integrity checking, On the contrary, the owner also accuses CSP of having corrupted the outsourced data, whereas in reality the CSP not.