Security Analysis of a Verifiable Server-Aided Approximate Similarity Computation

In this work, we report security analysis of the recently proposed server-aided verifiable approximate set similarity computation protocol by Qiu et al. (Security in Cloud Computing 2016). This protocol uses a certain consistency check mechanism to verify the computation result returned by a potentially malicious server. According to the original paper, the proposed consistency check can identify a misconduct of the malicious server with high probability. We show the flaws in their analysis and design a set of attacks to break their protocols (including a generalized one). Experimental results are presented that demonstrate the effectiveness of our attacks.