Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds
|
|
|
- Raymond Fields
- 5 years ago
- Views:
Transcription
1 Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds Frank Wang (MIT CSAIL), James Mickens (Harvard), Nickolai Zeldovich (MIT CSAIL), Vinod Vaikuntanathan (MIT CSAIL) 1
2 Motivation Boston Marathon NY Marathon FitBit Cloud Server Insurance 2
3 Motivation Boston Marathon NY Marathon FitBit Cloud Server Insurance 2
4 Motivation Boston Marathon NY Marathon FitBit Cloud Server Insurance 2
5 Motivation type=race Boston Marathon type=running NY Marathon FitBit Cloud Server type=fitness Insurance 2
6 Problem: Curious storage provider or external attacker type=race Boston Marathon type=running NY Marathon FitBit Cloud Server type=fitness Insurance 3
7 Problem: Curious storage provider or external attacker type=race Boston Marathon type=running NY Marathon FitBit Cloud Server type=fitness Insurance 3
8 Naïve Approach: Encrypt Data under 1 key type=race Boston Marathon type=running NY Marathon FitBit Cloud Server type=fitness Insurance 4
9 Naïve Approach: Encrypt Data under 1 key type=race Boston Marathon type=running NY Marathon FitBit Cloud Server type=fitness Insurance 4
10 Naïve Approach: Encrypt Data under 1 key type=race Boston Marathon type=running NY Marathon FitBit Cloud Server type=fitness Insurance 4
11 Naïve Approach: Encrypt Data under 1 key How does the user selectively disclose her data? type=race Boston Marathon type=running NY Marathon FitBit Cloud Server type=fitness Insurance 4
12 Another Approach: Encrypt each piece of data individually type=race Boston Marathon type=running FitBit Cloud Server type=fitness NY Marathon Insurance 5
13 Another Approach: Encrypt each piece of data individually type=race Boston Marathon type=running FitBit Cloud Server type=fitness NY Marathon Insurance 5
14 Another Approach: Encrypt each piece of data individually type=race Boston Marathon type=running FitBit Cloud Server type=fitness NY Marathon Insurance 5
15 Another Approach: Encrypt each piece of data individually type=race Boston Marathon type=running FitBit Cloud Server type=fitness NY Marathon Insurance 5
16 Contributions Sieve: a new platform that allows users to selectively and securely disclose their data Sieve protects against server compromise Sieve hides key management from users Reasonable performance Sieve supports revocation Sieves allows users to recover from device loss Good for web services that analyze user data 6
17 Outline Sieve Protocol Optimizations Revocation Device Loss Implementation Evaluation 7
18 Sieve Overview 8
19 User Sieve Overview Storage Provider Web services 8
20 User Sieve Overview Storage Provider Web services Sieve user client Sieve storage daemon Sieve data import 8
21 User Sieve Overview Storage Provider Web services Sieve user client Location=US, Year=2012, Type=fitness Year=2015, Type=financial Sieve storage daemon Sieve data import 8
22 User Sieve Overview Storage Provider Web services Sieve user client Sieve storage daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial Sieve data import 8
23 User Sieve Overview Storage Provider Web services Sieve user client (Year < 2013 AND Type=Fitness ) Sieve storage daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial Sieve data import 8
24 User Sieve Overview Storage Provider Web services Sieve user client Sieve storage daemon Location=US, Year=2012, Type=fitness Sieve data import Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) 8
25 User Sieve Overview Storage Provider Web services Sieve user client Sieve storage daemon Sieve data import Location=US, Year=2012, Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) Location=US, Year=2012, Type=fitness 8
26 User Sieve Overview Storage Provider Web services Sieve user client Sieve storage daemon Sieve data import Location=US, Year=2012, Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) Location=US, Year=2012, Type=fitness 8
27 User Sieve Overview Storage Provider Web services Sieve user client Sieve storage daemon Sieve data import Location=US, Year=2012, Type=fitness Year=2015, Type=financial (Year < 2013 AND Type=Fitness ) Location=US, Year=2012, Type=fitness 8
28 Threat Model Storage provider is a passive adversary Adversary can read all data Follows protocol Web services trusted with user data they are given access to User and her devices trusted 9
29 Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair Three main functions 10
30 Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair Three main functions GenerateDecKey Encrypt Decrypt 10
31 Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair Three main functions Policy: (Year < 2013 AND type=fitness) private GenerateDecKey Encrypt Decrypt 10
32 Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair Three main functions Policy: (Year < 2013 AND type=fitness) private GenerateDecKey Encrypt (Year < 2013 AND Type=Fitness ) Decrypt 10
33 Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair Three main functions Policy: (Year < 2013 AND type=fitness) Attributes: Location=US, Year=2012, Type=fitness private public GenerateDecKey Encrypt Decrypt (Year < 2013 AND Type=Fitness ) 10
34 Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair Three main functions Policy: (Year < 2013 AND type=fitness) Attributes: Location=US, Year=2012, Type=fitness private public GenerateDecKey Encrypt Decrypt (Year < 2013 AND Type=Fitness ) Location=US, Year=2012, Type=fitness 10
35 Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair Three main functions Policy: (Year < 2013 AND type=fitness) Attributes: Location=US, Year=2012, Type=fitness Location=US, Year=2012, Type=fitness private public (Year < 2013 AND Type=Fitness ) GenerateDecKey Encrypt Decrypt (Year < 2013 AND Type=Fitness ) Location=US, Year=2012, Type=fitness 10
36 Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair Three main functions Policy: (Year < 2013 AND type=fitness) Attributes: Location=US, Year=2012, Type=fitness Location=US, Year=2012, Type=fitness private public (Year < 2013 AND Type=Fitness ) GenerateDecKey Encrypt Decrypt (Year < 2013 AND Type=Fitness ) Location=US, Year=2012, Type=fitness 10
37 Our approach: Attribute-based encryption (ABE) Assume that user-specific ABE public/private key pair Three main functions Policy: (Year < 2013 AND type=fitness) Attributes: Location=US, Year=2012, Type=fitness Location=US, Year=2012, Type=fitness private public (Year < 2013 AND Type=Fitness ) GenerateDecKey Encrypt Decrypt Note: attributes and policy are in cleartext (Year < 2013 AND Type=Fitness ) Location=US, Year=2012, Type=fitness 10
38 User Sieve with ABE Storage Provider Web services Sieve user client Sieve storage daemon Sieve data import 11
39 User Sieve with ABE Storage Provider Web services Sieve user client Sieve storage daemon Sieve data import ABE Encrypt Location=US, Year=2012, Type=fitness Year=2015, Type=financial 11
40 User Sieve with ABE Storage Provider Web services ABE Encrypt Sieve user client Sieve storage daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial Sieve data import 11
41 User Sieve with ABE Storage Provider Web services ABE Encrypt Sieve user client (Year < 2013 AND Type=Fitness ) ABE GenerateDecKey Sieve storage daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial Sieve data import 11
42 User Sieve with ABE Storage Provider Web services ABE Encrypt Sieve user client ABE GenerateDecKey Sieve storage daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial Sieve data import (Year < 2013 AND Type=Fitness ) 11
43 User Sieve with ABE Storage Provider Web services ABE Encrypt Sieve user client ABE GenerateDecKey Sieve storage daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial Sieve data import (Year < 2013 AND Type=Fitness ) Location=US, Year=2012, Type=fitness 11
44 User Sieve with ABE Storage Provider Web services ABE Encrypt Sieve user client ABE GenerateDecKey Sieve storage daemon Location=US, Year=2012, Type=fitness Year=2015, Type=financial Sieve data import (Year < 2013 AND Type=Fitness ) ABE Decrypt Location=US, Year=2012, Type=fitness 11
45 Performance Revocation Device Loss Challenges with ABE 12
46 Reduce ABE Operations ABE is a public-key cryptosystem so slower than key cryptography Optimizations Hybrid Encryption Storage-based data structure 13
47 Hybrid Encryption 14
48 Hybrid Encryption 14
49 Hybrid Encryption Data 14
50 Hybrid Encryption GUID ABE Data 14
51 Hybrid Encryption Metadata block GUID ABE Data 14
52 Hybrid Encryption Metadata block GUID ABE Index Attr1 Attr2 Attr3 Attr4 Attr5 meta meta meta meta meta Data Index GUID1 GUID2 GUID3 GUID4 GUID5 data data data data data 14
53 Hybrid Encryption Metadata block GUID ABE Index Attr1 Attr2 Attr3 Attr4 Attr5 meta meta meta meta meta Data Index GUID1 GUID2 GUID3 GUID4 GUID5 data data data data data 14
54 Hybrid Encryption Metadata block GUID ABE Index Attr1 Attr2 Attr3 Attr4 Attr5 meta meta meta meta meta Data Index GUID1 GUID2 GUID3 GUID4 GUID5 data data data data data Only have to perform key operations in future 14
55 Storage-based data structure Extension of hybrid encryption 15
56 Storage-based data structure Extension of hybrid encryption Data Data Data 15
57 Storage-based data structure Extension of hybrid encryption GUID GUID GUID Data Data Data 15
58 Storage-based data structure Extension of hybrid encryption GUID GUID GUID GUID ABE Data Data Data 15
59 Storage-based data structure Extension of hybrid encryption GUID GUID GUID GUID ABE Data Data Data 15
60 Performance Revocation Device Loss Challenges with ABE 16
61 Revocation type=race Boston Marathon type=running FitBit Cloud Server type=fitness NY Marathon Insurance 17
62 Revocation type=race Boston Marathon type=running FitBit Cloud Server type=fitness NY Marathon Insurance 17
63 Revocation type=race Boston Marathon type=running FitBit Cloud Server type=fitness NY Marathon Insurance 17
64 Revocation type=race Boston Marathon type=running FitBit Cloud Server Web service still has cached keys Need to re-encrypt data type=fitness NY Marathon Insurance 17
65 Re-encryption with Hybrid Encryption Need to re-encrypt metadata and data Easy to re-encrypt metadata block How do we re-encrypt data object? Download, re-encrypt, and upload Requires substantial bandwidth and client-side computation 18
66 Solution: Key Homomorphism Allows changing key in encrypted data Symmetric cipher that provides in-place reencryption Does not learn old key, new key, or plaintext More specifics on scheme are in the paper 19
67 Full Revocation Process Metadata Block ABE (attrs, epoch = 0) Data 20
68 Full Revocation Process Metadata Block ABE (attrs, epoch = 0) Data 20
69 Full Revocation Process Metadata Block ABE (attrs, epoch = 0) Data δ(, ) 20
70 Full Revocation Process Metadata Block ABE (attrs, epoch = 0) Data δ(, ) 20
71 Full Revocation Process Metadata Block ABE (attrs, epoch = 0) Data δ(, ) 20
72 Full Revocation Process Metadata Block ABE (attrs, epoch = 0) Data δ(, ) ABE (attrs, epoch = 1) 20
73 Full Revocation Process Metadata Block ABE (attrs, epoch = 0) Data δ(, ) ABE (attrs, epoch = 1) 20
74 Full Revocation Process Metadata Block ABE (attrs, epoch = 0) Data δ(, ) ABE (attrs, epoch = 1) Issue new keys to web services whose data access has been changed and affected by revocation 20
75 Performance Revocation Device Loss Challenges with ABE 21
76 What if a user loses her device? User has ABE private key Loss of key requires reset of system Re-encrypting all her data and issuing new keys Is there a way for a user to recover from device loss? 22
77 Solution: Secret sharing User splits her ABE private key across devices Requires a threshold to reconstruct secret Reconstruct before using ABE private key When a device is lost, gathers devices to reconstruct secret and issue new shares 23
78 Outline Sieve Protocol Optimizations Revocation Device Loss Implementation Evaluation 24
79 Sieve Implementation Cryptography: Libfenc with Stanford PBC for ABE AES (no revocation) and randomized counter mode with Ed448 (revocation) 25
80 Sieve Implementation User Cryptography: Libfenc with Stanford PBC for ABE AES (no revocation) and randomized counter mode with Ed448 (revocation) Storage Provider Web services Sieve user client Sieve storage daemon Sieve data import ~1400 LoC ~1000 LoC Service-specific MongoDB and BerkeleyDB 25
81 Evaluation Is it easy to integrate Sieve into existing web services? Can web services achieve reasonable performance while using Sieve? 26
82 Evaluation Setup Multicore machine, 2.4 GHz Intel Xeon Web servers ran on machine s loopback Minimize network latency Focus on cryptographic overheads 27
83 Case Studies Integrated with 2 open source web services Open mhealth, health: small data Visualize health data One week s health data: 6 KB Piwigo, photo: large data Edit and display photos One photo: 375 KB 28
84 Easy to integrate with Sieve Lines of code required for integration Open mhealth: ~ 200 lines Piwigo: ~ 250 lines 29
85 Acceptable performance for Open mhealth and Piwigo Ed448 with key caching Seconds Write Read 0 Open mhealth Piwigo 30
86 Performance gap between AES and Ed Seconds Write Read 0 Open mhealth Ed448 Open mhealth AES 31
87 Server per-core throughput is good Open mhealth Storage write: 50 MB/s Web service import: 70 users/min (Ed448) Piwigo Storage write: 200 MB/s Web service import: 14 photos/min (Ed448) 32
88 Revocation performance is reasonable Re-encrypt a metadata block (10 attrs): 0.63 s Re-key 100 KB data block: 0.66 s Generate new 10 attribute key: 0.46 s 33
89 Secret sharing is fast For 5 shares and threshold of 2: Splitting ABE key requires 0.04 ms Reconstructing key requires 0.09 ms 34
90 Summary Required < 250 LoC to integrate with case studies Read and write data in reasonable amount of time Good per-core server throughput for storage writes and application data imports Revocation functions take < 1 second Secret sharing takes negligible time 35
91 Related Work Untrusted Servers ShadowCrypt, SUNDR, Depot, SPORC, CryptDB, DepSky, Bstore, Mylar, Privly ABE and Predicate Encryption Storage Persona, Priv.io, Catchet (ABE) GORAM (Predicate) Access Delegation Schemes OAuth, AAuth, Macaroons 36
92 Untrusted Servers Related Work ShadowCrypt, SUNDR, Depot, SPORC, CryptDB, DepSky, Solve different problems than Sieve Bstore, Mylar, Privly ABE and Predicate Encryption Storage Persona, Priv.io, Catchet (ABE) GORAM (Predicate) Access Delegation Schemes OAuth, AAuth, Macaroons 36
93 Untrusted Servers Related Work ShadowCrypt, SUNDR, Depot, SPORC, CryptDB, DepSky, Solve different problems than Sieve Bstore, Mylar, Privly ABE and Predicate Encryption Storage Persona, Priv.io, Catchet (ABE) No complete revocation and/or ability to recover from device loss GORAM (Predicate) Access Delegation Schemes OAuth, AAuth, Macaroons 36
94 Untrusted Servers Related Work ShadowCrypt, SUNDR, Depot, SPORC, CryptDB, DepSky, Solve different problems than Sieve Bstore, Mylar, Privly ABE and Predicate Encryption Storage Persona, Priv.io, Catchet (ABE) No complete revocation and/or ability to recover from device loss GORAM (Predicate) Access Delegation Schemes OAuth, AAuth, Macaroons Less secure and expressive than Sieve 36
95 Conclusions Sieve is a new access control system that allows users to selectively and securely expose their private cloud data to web services Efficiently use ABE to manage keys and policies Complete revocation scheme compatible with hybrid encryption using key homomorphism Easy to integrate and reasonable performance 37
Cryptographically Enforced Access Control for User Data in Untrusted Clouds. Frank Yi-Fei Wang
Cryptographically Enforced Access Control for User Data in Untrusted Clouds by Frank Yi-Fei Wang Submitted to the Department of Electrical Engineering and Computer Science in partial fulfillment of the
Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas
Authenticated Storage Using Small Trusted Hardware Hsin-Jung Yang, Victor Costan, Nickolai Zeldovich, and Srini Devadas Massachusetts Institute of Technology November 8th, CCSW 2013 Cloud Storage Model
CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks
CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks The material in these slides mainly comes from the paper CloudSky: A Controllable Data Self-Destruction System
Mylar. xd5d1db5abce2356d51db5aab23d abbce23352abc x435acb734352a12cad5d1db5abce2356d51db acb2312aaab23!
Mylar Building web applica/ons on top of encrypted data xd5d1db5abce2356d51db5aab23d5321535abbce23352abc4352314987 x435acb734352a12cad5d1db5abce2356d51db5345323acb2312aaab23! Raluca Ada Popa, Emily Stark,
Splinter: Practical Private Queries on Public Data
Splinter: Practical Private Queries on Public Data Frank Wang, Catherine Yun, Shafi Goldwasser, Vinod Vaikuntanathan (MIT CSAIL), and Matei Zaharia (Stanford) 1 Users regularly perform online searches
1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class
1.264 Lecture 27 Security protocols Symmetric cryptography Next class: Anderson chapter 10. Exercise due after class 1 Exercise: hotel keys What is the protocol? What attacks are possible? Copy Cut and
FADE: A Secure Overlay Cloud Storage System with Access Control and Assured Deletion. Patrick P. C. Lee
FADE: A Secure Overlay Cloud Storage System with Access Control and Assured Deletion Patrick P. C. Lee 1 Cloud Storage is Emerging Cloud storage is now an emerging business model for data outsourcing Individual
Public-key Cryptography: Theory and Practice
Public-key Cryptography Theory and Practice Department of Computer Science and Engineering Indian Institute of Technology Kharagpur Chapter 1: Overview What is Cryptography? Cryptography is the study of
ESP Egocentric Social Platform
ESP Egocentric Social Platform T. J. Purtell, Ian Vo, Monica S. Lam With: Kanak Biscuitwala, Willem Bult, Dan Boneh, Ben Dodson, Steve Fan, and Frank Wang, Global Social Platforms Ideal for Meeting strangers
Processing Analytical Queries over Encrypted Data
Processing Analytical Queries over Encrypted Data Stephen Tu M. Frans Kaashoek Sam Madden Nickolai Zeldovich VLDB 2013 Introduction MONOMI a system for securely executing analytical queries over sensitive
Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III
Cryptography III Public-Key Cryptography Digital Signatures 2/1/18 Cryptography III 1 Public Key Cryptography 2/1/18 Cryptography III 2 Key pair Public key: shared with everyone Secret key: kept secret,
Clock-Based Proxy Re-encryption Scheme in Unreliable Clouds
Clock-Based Proxy Re-encryption Scheme in Unreliable Clouds Qin Liu [1][2], Guojun Wang [1], and Jie Wu [2], [1] Central South University, China [2] Temple University, USA 1 Outline 1. 1. Introduction
Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls Overview Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message
Intel Software Guard Extensions (Intel SGX) Memory Encryption Engine (MEE) Shay Gueron
Real World Cryptography Conference 2016 6-8 January 2016, Stanford, CA, USA Intel Software Guard Extensions (Intel SGX) Memory Encryption Engine (MEE) Shay Gueron Intel Corp., Intel Development Center,
HIGH LEVEL SECURITY IMPLEMENTATION IN DATA SHARING ON SOCIAL WEBSITES
HIGH LEVEL SECURITY IMPLEMENTATION IN DATA SHARING ON SOCIAL WEBSITES P.Senthil Kumar 1 Associate professor, PSNA college of engineering and technology,dindigul,tamilnadu,india Abstract: With the recent
Secure Multiparty Computation
CS573 Data Privacy and Security Secure Multiparty Computation Problem and security definitions Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015
Distributed Systems 26. Cryptographic Systems: An Introduction Paul Krzyzanowski Rutgers University Fall 2015 1 Cryptography Security Cryptography may be a component of a secure system Adding cryptography
Building systems that compute on encrypted data
? xd51db5 X9ce568 xab2356 x453a32 xe891a1 X32e1dc xdd0135 x63ab12 Building systems that compute on encrypted data Raluca Ada Popa MIT Compromise of confidential data is prevalent Problem setup clients
Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a
6.857 L17. Secure Processors. Srini Devadas
6.857 L17 Secure Processors Srini Devadas 1 Distributed Computation Example: Distributed Computation on the Internet (SETI@home, etc.) Job Dispatcher Internet DistComp() { x = Receive(); result = Func(x);
Using cryptography in databases and web applica4ons
Using cryptography in databases and web applica4ons Nickolai Zeldovich MIT CSAIL Joint work with Raluca Ada Popa, Stephen Tu, Emily Stark, Jonas Helfer, Steven Valdez, Hari Balakrishnan, Frans Kaashoek,
Cryptographic Systems
CPSC 426/526 Cryptographic Systems Ennan Zhai Computer Science Department Yale University Recall: Lec-10 In lec-10, we learned: - Consistency models - Two-phase commit - Consensus - Paxos Lecture Roadmap
Encrypted Data Deduplication in Cloud Storage
Encrypted Data Deduplication in Cloud Storage Chun- I Fan, Shi- Yuan Huang, Wen- Che Hsu Department of Computer Science and Engineering Na>onal Sun Yat- sen University Kaohsiung, Taiwan AsiaJCIS 2015 Outline
Privacy-Preserving Using Data mining Technique in Cloud Computing
Cis-601 Graduate Seminar Privacy-Preserving Using Data mining Technique in Cloud Computing Submitted by: Rajan Sharma CSU ID: 2659829 Outline Introduction Related work Preliminaries Association Rule Mining
Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS
CRYPTOGRAPHIC PROTOCOLS: PRACTICAL REVOCATION AND KEY ROTATION
#RSAC SESSION ID: CRYP-W04 CRYPTOGRAPHIC PROTOCOLS: PRACTICAL REVOCATION AND KEY ROTATION Adam Shull Recent Ph.D. Graduate Indiana University Access revocation on the cloud #RSAC sk sk Enc Pub Sym pk k
1.264 Lecture 28. Cryptography: Asymmetric keys
1.264 Lecture 28 Cryptography: Asymmetric keys Next class: Anderson chapters 20. Exercise due before class (Reading doesn t cover same topics as lecture) 1 Asymmetric or public key encryption Receiver
BLOWFISH ALGORITHM ON ITS OWN CLOUD COMPUTER PERFORMANCE AND IMPLEMENTATION
132 International Journal of Research in Computer Applications And Robotics, x(x): xx-xx INTERNATIONAL JOURNAL OF RESEARCH IN COMPUTER APPLICATIONS AND ROBOTICS ISSN 2320-7345 BLOWFISH ALGORITHM ON ITS
Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7
Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:
CS573 Data Privacy and Security. Cryptographic Primitives and Secure Multiparty Computation. Li Xiong
CS573 Data Privacy and Security Cryptographic Primitives and Secure Multiparty Computation Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation
Computer Security 3/23/18
s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks
STRONG DATA PRIVACY AND SECURITY FOR THE IOT
STRONG DATA PRIVACY AND SECURITY FOR THE IOT François Ambrosini, ETSI TC CYBER STF 529, IBIT Ambrosini UG Extending access control in onem2m systems with Attribute Based Encryption Outline Introduction
Pass, No Record: An Android Password Manager
Pass, No Record: An Android Password Manager Alex Konradi, Samuel Yeom December 4, 2015 Abstract Pass, No Record is an Android password manager that allows users to securely retrieve passwords from a server
Parallelizing Cryptography. Gordon Werner Samantha Kenyon
Parallelizing Cryptography Gordon Werner Samantha Kenyon Outline Security requirements Cryptographic Primitives Block Cipher Parallelization of current Standards AES RSA Elliptic Curve Cryptographic Attacks
Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1
Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography CS555 Spring 2012/Topic 16 1 Outline and Readings Outline Private key management between two parties Key management
Key Establishment and Authentication Protocols EECE 412
Key Establishment and Authentication Protocols EECE 412 1 where we are Protection Authorization Accountability Availability Access Control Data Protection Audit Non- Repudiation Authentication Cryptography
Remote Data Checking for Network Codingbased. Distributed Storage Systems
CCSW 0 Remote Data Checking for Network Coding-based Bo Chen, Reza Curtmola, Giuseppe Ateniese, Randal Burns New Jersey Institute of Technology Johns Hopkins University Motivation Cloud storage can release
Leveraging Intel SGX to Create a Nondisclosure Cryptographic library
CS 2530 - Computer and Network Security Project presentation Leveraging Intel SGX to Create a Nondisclosure Cryptographic library Mohammad H Mofrad & Spencer L Gray University of Pittsburgh Thursday, December
AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle
AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle Noura Alomar November 7th, 2018 1 AoT The AoT paper is one of the earliest and most cited papers on IoT defense and it considers
TRUSTSHADOW: SECURE EXECUTION OF UNMODIFIED APPLICATIONS WITH ARM TRUSTZONE Florian Olschewski
TRUSTSHADOW: SECURE EXECUTION OF UNMODIFIED APPLICATIONS WITH ARM TRUSTZONE 14.11.2018 Florian Olschewski 1 OUTLINE 1) Introduction 2) Trustzone 3) Threat Model 4) Overview 5) Runtime System 6) Implementation
Overview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University
Computer Networks Network Security and Ethics Week 14 College of Information Science and Engineering Ritsumeikan University Security Intro for Admins l Network administrators can break security into two
Securing the Frisbee Multicast Disk Loader
Securing the Frisbee Multicast Disk Loader Robert Ricci, Jonathon Duerig University of Utah 1 What is Frisbee? 2 Frisbee is Emulab s tool to install whole disk images from a server to many clients using
Key management. Required Reading. Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E
ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution 1 Using the same key for multiple
Sharing-based Privacy and Availability of. Laboratoire ERI C. Cloud Data Warehouses. Varunya ATTASENA Nouria HARBI Jérôme DARMONT
Laboratoire ERI C Varunya ATTASENA Nouria HARBI Jérôme DARMONT Sharing-based Privacy and Availability of Cloud Data Warehouses Introduction Business intelligence (BI) and data analytics have been an ever-growing
Lamassu: Storage-Efficient Host-Side Encryption
Lamassu: Storage-Efficient Host-Side Encryption Peter Shah, Won So Advanced Technology Group 9 July, 2015 1 2015 NetApp, Inc. All rights reserved. Agenda 1) Overview 2) Security 3) Solution Architecture
Data-at-Rest Encryption
Data-at-Rest Encryption At-rest encryption in SwiftStack encrypts all object data, object etags (checksums), and any user metadata values set on objects. The feature is enabled by a cluster operator and
10/1/2015. Authentication. Outline. Authentication. Authentication Mechanisms. Authentication Mechanisms. Authentication Mechanisms
Authentication IT443 Network Security Administration Instructor: Bo Sheng Authentication Mechanisms Key Distribution Center and Certificate Authorities Session Key 1 2 Authentication Authentication is
ECE 646 Lecture 3. Key management
ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution Using the same key for multiple
ENSURING PRIVACY OF E-MEDICAL HEALTH RECORDS USING TRIPLE- DES ALGORITHM
ENSURING PRIVACY OF E-MEDICAL HEALTH RECORDS USING TRIPLE- DES ALGORITHM Ms. S. P. Vidhya Priya 1, Dharani.N.R 2, Gokilavani.M 3, Jeevitha.R 4 1,2,3,4 Department of Information Technology, Kathir College
Improving data integrity on cloud storage services
International Journal of Engineering Science Invention Volume 2 Issue 2 ǁ February. 2013 Improving data integrity on cloud storage services Miss. M.Sowparnika 1, Prof. R. Dheenadayalu 2 1 (Department of
APPLICATIONS AND PROTOCOLS. Mihir Bellare UCSD 1
APPLICATIONS AND PROTOCOLS Mihir Bellare UCSD 1 Some applications and protocols Internet Casino Commitment Shared coin flips Threshold cryptography Forward security Program obfuscation Zero-knowledge Certified
PassBio: Privacy-Preserving User-Centric Biometric Authentication
1 PassBio: Privacy-Preserving User-Centric Biometric Authentication Kai Zhou and Jian Ren arxiv:1711.04902v1 [cs.cr] 14 Nov 2017 Abstract The proliferation of online biometric authentication has necessitated
DBMask: Fine-Grained Access Control on Encrypted Relational Databases
187 214 DBMask: Fine-Grained Access Control on Encrypted Relational Databases Muhammad I Sarfraz, Mohamed Nabeel, Jianneng Cao, Elisa Bertino Purdue University, West Lafayette, IN, 47907, USA. Oracle,
Privacy-Preserving Photo Sharing based on Secure JPEG
Privacy-Preserving Photo Sharing based on Secure Lin Yuan, Touradj Ebrahimi Multimedia Signal Processing Group - MMSPG Ecole Polytechnique Fédérale de Lausanne EPFL CH-1015 Lausanne, Switzerland Touradj.Ebrahimi@epfl.ch
Delegated Access for Hadoop Clusters in the Cloud
Delegated Access for Hadoop Clusters in the Cloud David Nuñez, Isaac Agudo, and Javier Lopez Network, Information and Computer Security Laboratory (NICS Lab) Universidad de Málaga, Spain Email: dnunez@lcc.uma.es
Improved Delegation Of Computation Using Somewhat Homomorphic Encryption To Reduce Storage Space
Improved Delegation Of Computation Using Somewhat Homomorphic Encryption To Reduce Storage Space Dhivya.S (PG Scholar) M.E Computer Science and Engineering Institute of Road and Transport Technology Erode,
Three Levels of Access Control to Personal Health Records in a Healthcare Cloud
Three Levels of Access Control to Personal Health Records in a Healthcare Cloud Gabriel Sanchez Bautista and Ning Zhang School of Computer Science The University of Manchester Manchester M13 9PL, United
Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services
Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services David Nuñez, Isaac Agudo, and Javier Lopez Network, Information and Computer Security Laboratory (NICS Lab)
Auditing IoT Communications with TLS-RaR
Auditing IoT Communications with TLS-RaR Judson Wilson, Henry Corrigan-Gibbs, Riad S. Wahby, Keith Winstein, Philip Levis, Dan Boneh Stanford University Auditing Standard Devices MITM Used for: security
CPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Michael J. Fischer Lecture 4 September 11, 2017 CPSC 467, Lecture 4 1/23 Analyzing Confidentiality of Cryptosystems Secret ballot elections Information protection Adversaries
Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services
Max Planck Institute for Software Systems Policy-Sealed Data: A New Abstraction for Building Trusted Cloud Services 1, Rodrigo Rodrigues 2, Krishna P. Gummadi 1, Stefan Saroiu 3 MPI-SWS 1, CITI / Universidade
Conventional Protection Mechanisms in File Systems
Steganographic File Systems 1 Conventional Protection Mechanisms in File Systems User Access Control The operating system is fully trusted to enforce the security policy. Is it good enough? Operating System
EFFICIENT DATA SHARING WITH ATTRIBUTE REVOCATION FOR CLOUD STORAGE
EFFICIENT DATA SHARING WITH ATTRIBUTE REVOCATION FOR CLOUD STORAGE Chakali Sasirekha 1, K. Govardhan Reddy 2 1 M.Tech student, CSE, Kottam college of Engineering, Chinnatekuru(V),Kurnool,Andhra Pradesh,
Lecture 9a: Secure Sockets Layer (SSL) March, 2004
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by
Security. Communication security. System Security
Security Communication security security of data channel typical assumption: adversary has access to the physical link over which data is transmitted cryptographic separation is necessary System Security
Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives
Efficient Privacy-Preserving Data Collection Scheme for Smart Grid AMI Networks
Efficient Privacy-Preserving Data Collection Scheme for Smart Grid AMI Networks Hawzhin Mohammed, Samet Tonyali, Khaled Rabieh, Mohamed Mahmoud, and Kemal Akkaya Department of Electrical and Computer Engineering,
Block Cipher Modes of Operation
Block Cipher Modes of Operation Luke Anderson luke@lukeanderson.com.au 23 rd March 2018 University Of Sydney Overview 1. Crypto-Bulletin 2. Modes Of Operation 2.1 Evaluating Modes 2.2 Electronic Code Book
Computer Security: Principles and Practice
Computer Security: Principles and Practice Chapter 2 Cryptographic Tools First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Cryptographic Tools cryptographic algorithms
Outline Key Management CS 239 Computer Security February 9, 2004
Outline Key Management CS 239 Computer Security February 9, 2004 Properties of keys Key management Key servers Certificates Page 1 Page 2 Introduction Properties of Keys It doesn t matter how strong your
A Cryptographic Analysis of Google s Cloud Service. Cody Jenkins Krystal Carlton ECE 646 Fall 2013
A Cryptographic Analysis of Google s Cloud Service Cody Jenkins Krystal Carlton ECE 646 Fall 2013 Cloud CompuKng Threats Google Storage Google Key Management Google Access Control Conclusions OUTLINE 2
Attribute Based Encryption with Privacy Protection in Clouds
Attribute Based Encryption with Privacy Protection in Clouds Geetanjali. M 1, Saravanan. N 2 PG Student, Department of Information Technology, K.S.R College of Engineering, Tiruchengode, Tamilnadu, India
Key management. Pretty Good Privacy
ECE 646 - Lecture 4 Key management Pretty Good Privacy Using the same key for multiple messages M 1 M 2 M 3 M 4 M 5 time E K time C 1 C 2 C 3 C 4 C 5 1 Using Session Keys & Key Encryption Keys K 1 K 2
ISSN: (Online) Volume 3, Issue 5, May 2015 International Journal of Advance Research in Computer Science and Management Studies
ISSN: 2321-7782 (Online) Volume 3, Issue 5, May 2015 International Journal of Advance Research in Computer Science and Management Studies Research Article / Survey Paper / Case Study Available online at:
Uses of Cryptography
Uses of Cryptography What can we use cryptography for? Lots of things Secrecy Authentication Prevention of alteration Page 1 Cryptography and Secrecy Pretty obvious Only those knowing the proper keys can
Cryptography and Network Security. Sixth Edition by William Stallings
Cryptography and Network Security Sixth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Misconceptions Concerning Public-Key Encryption Public-key encryption is more secure from
ECE 646 Lecture 3. Key management. Required Reading. Using the same key for multiple messages
ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution Using the same key for multiple
Introduction to Cryptography Lecture 7
Introduction to Cryptography Lecture 7 Public-Key Encryption: El-Gamal, RSA Benny Pinkas page 1 1 Public key encryption Alice publishes a public key PK Alice. Alice has a secret key SK Alice. Anyone knowing
Diffie-Hellman. Part 1 Cryptography 136
Diffie-Hellman Part 1 Cryptography 136 Diffie-Hellman Invented by Williamson (GCHQ) and, independently, by D and H (Stanford) A key exchange algorithm o Used to establish a shared symmetric key Not for
Lecture III : Communication Security Mechanisms
Lecture III : Communication Security Mechanisms Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Computer Science Department, National Chiao Tung University 2 X.800 : Security
Other Topics in Cryptography. Truong Tuan Anh
Other Topics in Cryptography Truong Tuan Anh 2 Outline Public-key cryptosystem Cryptographic hash functions Signature schemes Public-Key Cryptography Truong Tuan Anh CSE-HCMUT 4 Outline Public-key cryptosystem
Mike Reiter. University of North Carolina at Chapel Hill. Proliferation of mobile devices. Proliferation of security-relevant apps using these
1 Capture-Resilient Cryptographic Devices Mike Reiter University of North Carolina at Chapel Hill Relevant Trends 2 Proliferation of mobile devices Proliferation of networking Proliferation of security-relevant
2.1 Basic Cryptography Concepts
ENEE739B Fall 2005 Part 2 Secure Media Communications 2.1 Basic Cryptography Concepts Min Wu Electrical and Computer Engineering University of Maryland, College Park Outline: Basic Security/Crypto Concepts
ISSN Vol.04,Issue.05, May-2016, Pages:
WWW.IJITECH.ORG ISSN 2321-8665 Vol.04,Issue.05, May-2016, Pages:0737-0741 Secure Cloud Storage using Decentralized Access Control with Anonymous Authentication C. S. KIRAN 1, C. SRINIVASA MURTHY 2 1 PG
Decentralized Access Control of Data Stored In Cloud Using Encryption
Decentralized Access Control of Data Stored In Cloud Using Encryption Mahjabeen PG Scholar, Computer Science and Engineering, Bheema institute of Technology and Science, ABSTRACT: We propose a new decentralized
User Authentication. Modified By: Dr. Ramzi Saifan
User Authentication Modified By: Dr. Ramzi Saifan Authentication Verifying the identity of another entity Computer authenticating to another computer Person authenticating to a local/remote computer Important
n-bit Output Feedback
n-bit Output Feedback Cryptography IV Encrypt Encrypt Encrypt P 1 P 2 P 3 C 1 C 2 C 3 Steven M. Bellovin September 16, 2006 1 Properties of Output Feedback Mode No error propagation Active attacker can
User Authentication. Modified By: Dr. Ramzi Saifan
User Authentication Modified By: Dr. Ramzi Saifan Authentication Verifying the identity of another entity Computer authenticating to another computer Person authenticating to a local/remote computer Important
SECRET SHARING SECRET SPLITTING
Clemens H. Cap Universität Rostock clemens.cap (at) uni-rostock (dot) de SECRET SHARING SECRET SPLITTING BaSoTI 2012, Tartu Anecdotal Problem Trent wants to give Alice and Bob access to the safe Trent
Verteilte Systeme (Distributed Systems)
Verteilte Systeme (Distributed Systems) Lorenz Froihofer l.froihofer@infosys.tuwien.ac.at http://www.infosys.tuwien.ac.at/teaching/courses/ VerteilteSysteme/ Security Threats, mechanisms, design issues
Cryptographic Concepts
Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general
Fine-Grained Data Sharing Supporting Attribute Extension in Cloud Computing
wwwijcsiorg 10 Fine-Grained Data Sharing Supporting Attribute Extension in Cloud Computing Yinghui Zhang 12 1 National Engineering Laboratory for Wireless Security Xi'an University of Posts and Telecommunications
Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets
Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures MIS5206 Week 11 Identity and Access Control Week 10 continued Cryptography, Public Key Encryption and
Cryptography MIS
Cryptography MIS-5903 http://community.mis.temple.edu/mis5903sec011s17/ Cryptography History Substitution Monoalphabetic Polyalphabetic (uses multiple alphabets) uses Vigenere Table Scytale cipher (message
Web Tap Payment Authentication and Encryption With Zero Customer Effort
Web Tap Payment Authentication and Encryption With Zero Customer Effort Henry Ng Tap-Card-Pay Systems Corporation, Vancouver BC V5X3Y3, Canada henryng@tapcardpay.com Abstract. We propose a public-key authentication
Connecting Securely to the Cloud
Connecting Securely to the Cloud Security Primer Presented by Enrico Gregoratto Andrew Marsh Agenda 2 Presentation Speaker Trusting The Connection Transport Layer Security Connecting to the Cloud Enrico
Chapter 9. Public Key Cryptography, RSA And Key Management
Chapter 9 Public Key Cryptography, RSA And Key Management RSA by Rivest, Shamir & Adleman of MIT in 1977 The most widely used public-key cryptosystem is RSA. The difficulty of attacking RSA is based on
Midgame Attacks. (and their consequences) Donghoon Chang 1 and Moti Yung 2. IIIT-Delhi, India. Google Inc. & Columbia U., USA
Midgame Attacks (and their consequences) Donghoon Chang 1 and Moti Yung 2 1 IIIT-Delhi, India 2 Google Inc. & Columbia U., USA Crypto is a Technical Science As technology moves, so should crypto designs
AWS Key Management Service (KMS) Handling cryptographic bounds for use of AES-GCM
AWS Key Management Service (KMS) Handling cryptographic bounds for use of AES-GCM Matthew Campagna Amazon Web Services Shay Gueron Amazon Web Services University of Haifa 1 Outline The AWS Key Management