The audit module aims to verify the integrity of outsourced data. It consists of four processes: Challenge: In this process, the TPA challenges the CSP to verify the integrity of all outsourced replicas. The TPA sends c (number of blocks to challenge; 1≤ c ≤ n) and two distinct PRF keys to each challenge: k1 and k2. The pseudo-random function (PRF) encoded with k1 is used to generate c random indices that indicate the file blocks that the CSP should use to prove integrity. The PRF entered with k2 is used to generate yj random values ​​associated with each random index j and are used by the CSP when generating the response. Then, the challenge set Q = {(j, yj)} of pairs of indices and random values ​​is generated at the CSP. Answer: This process is executed by the CSP, upon receiving the challenge set Q, to generate a proof which is used in the verification equation. In this process, the CSP proves that it always correctly stores all file blocks. In the case of a single-copy file, the CSP calculates σ=〖∏_((j,y_j )∈Q)▒〖(σ_j 〗)〗^(y_j ) mod N, μ= ∑_((j, y_j)∈ Q)▒〖y_j. m_j〗. (4)In the multiple-copy version, the CSP calculates: μ_i= ∑_((j,y_j )∈Q)▒〖y_j. m_ij 〗, μ=∏_(i=1)^r▒μ_i , σ=〖∏_((j,y_j)∈Q)▒〖(σ_j 〗)〗^(y_j ) mod N. (5) Then the CSP sends the proof P={σ,μ} to the TPA.Verify: This process is executed by the TPA. It takes as input the public key pk, the challenge set Q and the proof P returned by the CSP. The TPA verifies the following verification equation in case of single-copy data audit:〖 σ^e=〗^? ∏_((j,y_j )∈Q)▒〖H(F_ID∥ j∥〗 T_j 〖 )〗^(y_j ).u^μ mod, (6) and this equation:〖 σ^e=〗^? (∏_((j,y_j )∈Q)▒〖H(F_ID∥j∥〗 T_j 〖 )〗^(y_j ...... middle of paper ......lock label, the CSP does not cannot use blocks from different files for proof generation and passes the verification algorithm even if the data owner uses the same secret key sk with all his files. This is due to the collision resistance property of everything. cryptographic hash algorithm, that is, it is impossible for a hash function to obtain two identical hash values ​​for different messages in the random Oracle model Secondly, due to the different value of the timestamp. Tj for each data block, the CSP cannot use the previous proof or the old versions of the contested blocks to generate the new proof. Finally, if any of the contested data blocks or their tags are corrupted or not. recent on the CSP, the CSP cannot pass the audit because the verification equation cannot be verified.□We illustrate in Table 3 the different assumptions used in the security proofs of our proposed scheme against the state of the art.