Aimming at the problem of leaking privacy to Third-Party Auditors (TPA) and initiating alternative attacks by Cloud Storage Server (CSS) in public auditing, a new public auditing scheme of data integrity for public cloud was proposed. Firstly, the hash value obfuscation method was used to obfuscate the evidence returned by the cloud storage server to prevent TPA from analyzing and calculating the original data. Then during the audit process, TPA itself calculated the overlay tree of the Merkle Hash Tree (MHT) corresponding to the challenge request, and matched with the overlay tree returned by CSS to prevent the cloud storage server from responding to audit challenges with other existing data. Experimental results show that the performance in terms of computational overhead, storage overhead and communication overhead does not change by orders of magnitude after solving the privacy and attack problems of the existing scheme.