Secure Data Sharing in Cloud Computing: Challenges and Research Directions

Similar documents
A compact Aggregate key Cryptosystem for Data Sharing in Cloud Storage systems.

Public Key Broadcast Encryption

Key-Policy Attribute-Based Encryption

Real World Crypto January 11, Geo Key Manager. Nick Sullivan Brendan McMillion

Secure Data Storage and Data Retrieval in Cloud Storage using Cipher Policy Attribute based Encryption

Assistant Professor, Dept of CSE, Vasireddy Venkatadri Institute of Technology (VVIT), Nambur (v), Guntur, Andhra Pradesh, India

Attribute-based encryption with encryption and decryption outsourcing

On the Security of an Efficient Group Key Agreement Scheme for MANETs

Attribute Based Encryption with Privacy Preserving In Clouds

HIGH LEVEL SECURITY IMPLEMENTATION IN DATA SHARING ON SOCIAL WEBSITES

EFFICIENT REVOCATION AND SECURE ATTRIBUTE-BASED PROXY RE-ENCRYPTION SCHEME

Privacy Preserving (Outsourced) Data Share and Search

P2P Social Networks With Broadcast Encryption Protected Privacy

Encrypted Data Deduplication in Cloud Storage

Various Attribute Based Encryption Algorithms in Clouds-A Survey P. Sivakumar 1 K. Devi 2 M. Navinkumar 3

Insecurity of an Dynamic User Revocation and Key Refreshing for Attribute-Based Encryption Scheme

Fine-Grained Data Sharing Supporting Attribute Extension in Cloud Computing

Session Based Ciphertext Policy Attribute Based Encryption Method for Access Control in Cloud Storage

Enhancing Reliability and Scalability in Dynamic Group System Using Three Level Security Mechanisms

Abstract. Asia-pacific Journal of Convergent Research Interchange Vol.2, No.2, June 30 (2016), pp

Time-Based Proxy Re-encryption Review

An IBE Scheme to Exchange Authenticated Secret Keys

Collusion-Resistant Group Key Management Using Attributebased

Attribute-Based Authenticated Key Exchange

Public-key Cryptography: Theory and Practice

Clock-Based Proxy Re-encryption Scheme in Unreliable Clouds

Security Weaknesses of an Anonymous Attribute Based Encryption appeared in ASIACCS 13

An Efficient Certificateless Proxy Re-Encryption Scheme without Pairing

User Revocation And Fine Grained Access Control Of Phr In Cloud Using Hasbe

Trust negotiation with trust parameters

Fortified and Revocable Access Control for Multi- Authority Cloud Storage using CPABE

A Hybrid Attribute-Based Encryption Technique Supporting Expressive Policies and Dynamic Attributes

Implementation of IBE with Outsourced Revocation technique in Cloud Computing

FAC-MACS: Fortified Access Control for Multi-Authority Cloud Storage Using CPABE

Attribute Based Encryption with Privacy Protection in Clouds

Structure-Preserving Certificateless Encryption and Its Application

On the Security of Group-based Proxy Re-encryption Scheme

Keywords: Multi-authority attribute based encryption, key policy, ciphertext policy, central authority free

Secure Data Sharing using Attribute Based Encryption with Revocation in Cloud Computing

A Procedural Based Encryption Technique for Accessing Data on Cloud

A Less Weight Secure Data Sharing Scheme for Mobile Cloud Computing

DECENTRALIZED ATTRIBUTE-BASED ENCRYPTION AND DATA SHARING SCHEME IN CLOUD STORAGE

Protecting Security and Privacy of Outsourced Data in the Cloud

Tracing Insider Attacks in the Context of Predicate Encryption Schemes

Blowfish Algorithm with Verifiable Outsourced in Cloud Computing

Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services

Attribute-Based Encryption. Allison Lewko, Microsoft Research

Spatial Encryption. March 17, Adam Barth, Dan Boneh, Mike Hamburg

Homomorphic encryption (whiteboard)

A Key-Policy Attribute-based Encryption Scheme for General Circuit from Bilinear Maps

Introduction to Security Reduction

A robust smart card-based anonymous user authentication protocol for wireless communications

Contributions to pairing-based cryptography

Notes for Lecture 14

Exploration Encryption Mechanism Using Single Key for Public Cloud Storage

Advanced Searchable Encryption Scheme for Secure Data Sharing in Cloud

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Relations between Semantic Security and Anonymity in Identity Based Encryption

Delegation Scheme based on Proxy Re-encryption in Cloud Environment

Framework Research on Privacy Protection of PHR Owners in Medical Cloud System Based on Aggregation Key Encryption Algorithm

Group User Revocation in Cloud for Shared Data

AoT: Authentication and Access Control for the Entire IoT Device Life-Cycle

ENSURING PRIVACY OF E-MEDICAL HEALTH RECORDS USING TRIPLE- DES ALGORITHM

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Attribute Based Encryption with Verifiable Time Stamped Decryption

Cloud security is an evolving sub-domain of computer and. Cloud platform utilizes third-party data centers model. An

Efficient Auditable Access Control Systems for Public Shared Cloud Storage

Online/Offline Attribute-Based Encryption

Recent advances in security and privacy in big data

Verifiably Encrypted Signature Scheme with Threshold Adjudication

Fully Secure Anonymous HIBE with Short Ciphertexts

Mediated Ciphertext-Policy Attribute-Based Encryption and its Application

International Journal of Advanced Research in Computer Science and Software Engineering

Certificateless Public Key Cryptography

CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks

White-Box Cryptography State of the Art. Paul Gorissen

Efficient Multi-receiver identity-based encryption and its application to broadcast encryption

/15/$ IEEE

S. Erfani, ECE Dept., University of Windsor Network Security

A LTERATURE SURVEY ON REVOCABLE MULTIAUTHORITY CIPHER TEXT-POLICY ATTRIBUTE-BASED ENCRYPTION (CP-ABE) SCHEME FOR CLOUD STORAGE

STRONG DATA PRIVACY AND SECURITY FOR THE IOT

Hierarchical Identity-Based Online/Offline Encryption

Military Secured Network Data Transmission

On Efficient Ciphertext-Policy Attribute Based Encryption and Broadcast Encryption

Course Map. COMP 7/8120 Cryptography and Data Security. Learning Objectives. How to use PRPs (Block Ciphers)? 2/14/18

DAC-MACS: Effective Data Access Control for Multiauthority Cloud Storage Systems

Updating attribute in CP-ABE: A New Approach

Cryptanalysis on Two Certificateless Signature Schemes

Research Article Modified Ciphertext-Policy Attribute-Based Encryption Scheme with Efficient Revocation for PHR System

A Hierarchical Key Management Scheme for Wireless Sensor Networks Based on Identity-based Encryption

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

CRYPTOLOGY KEY MANAGEMENT CRYPTOGRAPHY CRYPTANALYSIS. Cryptanalytic. Brute-Force. Ciphertext-only Known-plaintext Chosen-plaintext Chosen-ciphertext

IDENTITY-BASED ENCRYPTION WITH EFFICIENT REVOCATION FOR CLOUD SERVICE PROVIDER IN CLOUD COMPUTING

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

SCRIBBLE LEGALIZATION CRYPTOGRAPHIC ASPECT BASED ON DATA ACCESS CONTROL FOR STEAM COUNT

CSC 474/574 Information Systems Security

Universal designated multi verifier signature schemes

Multi-authority attribute based encryption with honest-but-curious central authority

Nowadays, online social networks are on the boom. Everyday application developers come up with new social

Remove Key Escrow from The Identity-Based Encryption System

Transcription:

Cyber Summer School Melbourne, 12-13 Feb 2018 Secure Data Sharing in Cloud Computing: Challenges and Research Directions Willy Susilo Institute of Cybersecurity and Cryptology School of Computing and Information Technology University of Wollongong Email: wsusilo@uow.edu.au 12 February 2018

Outline 1 Background 2 Generic Approaches 3 Challenges and Research Directions 4 Our Recent Research Results 5 Conclusion

Data Sharing in Cloud Computing Cloud Server Access Data Uploader users Challenges: How to encrypt data? How to decrypt data? 1

Outline 1 Background 2 Generic Approaches 3 Challenges and Research Directions 4 Our Recent Research Results 5 Conclusion

Data Sharing via IBE Identity-Based Encryption(IBE)[BF01] In the IBE, a data M is encrypted under a specified identity ID such that only the user with matching identity can decrypt the ciphertext. CT = E(mpk, ID, M) If a data owner wants to share a data with a user via IBE, it just encrypts the shared data using the user s identity. [BF01] Dan Boneh, Matthew K. Franklin: Identity-Based Encryption from the Weil Pairing. CRYPTO 2001: 213-229. 2

Data Sharing via IBBE Identity-Based Broadcast Encryption(IBBE)[D07] In the IBBE, a data M is encrypted under a set of specified identities S such that only the user with identity selected in the data encryption can retrieve the data. CT = E(mpk, S, M) IBBE can be used to share one common data with a group of users efficiently. [D07] Cécile Delerablée: Identity-Based Broadcast Encryption with Constant Size Ciphertexts and Private Keys. ASIACRYPT 2007: 200-215. 3

Data Sharing via ABE Attribute-Based Encryption(ABE)[SW05] Variant: KP-ABE & CP-ABE Data Encryption Decryption key KP-ABE An attribute set An access policy CP-ABE An access policy An attribute set If and only if the attribute set held by a user satisfies the access policy can retrieve the plaintext. Without knowing the receivers identities when performing the data encryption. [SW05] Amit Sahai, Brent Waters: Fuzzy Identity-Based Encryption. EUROCRYPT 2005: 457-473. 4

Outline 1 Background 2 Generic Approaches 3 Challenges and Research Directions 4 Our Recent Research Results 5 Conclusion

Challenges and Research Directions In the IBE, One data can only be shared with one user for each encryption. The receiver identity must be known when performing data encryption. If the receiver privacy is required, how can the user efficiently find the encrypted data which it can decrypt on the cloud?... 5

Challenges and Research Directions In the IBBE, All receivers identities must be known before encrypting the data. Once the receivers have been decided and used in the data encryption, how to revoke some of receivers if they are comprised without decryption? If the user privacy is required, how can the user efficiently find the encrypted data which it can decrypt on the cloud? Achieve collusion resistant when doing user revocation.... 6

Challenges and Research Directions In the ABE, the access policy is fixed, which might be not suitable for some real life applications. Achieve scalable access policy. Access policy extension Access policy update Access policy revocation Access policy hidden Computational efficiency Storage or data transmission efficiency... 7

Outline 1 Background 2 Generic Approaches 3 Challenges and Research Directions 4 Our Recent Research Results 5 Conclusion

Recipient Revocable Identity-Based Broadcast Encryption 8

Motivation of RR-IBBE Cloud server Data Uploader 9

Our RR-IBBE work: An extension of IBBE. Allow a third party to remove some of receivers stated in the ciphertext without leaking the encrypted data or performing any decryption. Constant-size secret key and ciphertext. 10

Improved Threshold Attribute-Based Encryption 11

In a (t, n) threshold ABE, users who can decrypt the ciphertext must hold at least t attributes among the n attributes specified in the encryption. The work of [HLR10] presents the first threshold ABE with constant-size ciphertext. Limitations of [HLR10]: Require to add dummy attributes. The computational cost of encryption is linear in the size of selected attribute set and dummy attribute set. [HLR10] Javier Herranz, Fabien Laguillaumie, Carla Rfols: Constant Size Ciphertexts in Threshold Attribute-Based Encryption. Public Key Cryptography 2010: 19-34 12

Our work Propose a new constant-size ciphertext threshold ABE scheme. Improvements: 1 Without using any dummy attribute. 2 The computation cost of encryption and decryption is linear in the number of the selected attribute set. 3 Most of the computations can be conducted without the knowledge of the threshold t. 4 The encryptor can change the threshold t without re-computing the overall ciphertext. 13

Extendable Access Control System with Integrity Protection 14

Motivation How to EXTEND the access policy? 15

Motivation Data on the left is protected with access policy P 1. Data on the right is protected with access policy P 2 P 1. Decrypt the ciphertext if satisfying either policy P 2 or P 1. 16

Trivial Solution Solution 1 Alice re-uploads the encrypted plaintext with the original access policy and the added access policy. The extension cannot be done if Alice is out of contact. Solution 2 Bob downloads the ciphertext, decrypts it, and then re-uploads it with the added policy. No integrity guarantee between the Alice s plaintext and Bob s plaintext. 17

Our Solution: EACSIP We introduce an Extendable Access Control System with Integrity Protection Data uploader uploads data under P 1. Recipients satisfying the policy P 1 can access the data. Any valid recipient can add a new access policy P 2. Recipients who satisfy P 2 or P 1 can access the data. The cloud server cannot decrypt the ciphertext. It checks integrity : any recipient who satisfies P 2 can access the same data created by the data uploader. 18

Public Key Encryption with Equality Test Two ciphertexts with different public keys correspond to the same message. Dishonest encryptors: even if two ciphertexts pass the equality test, the decrypted messages could be still different. PKEET cannot guarantee the identical decryption result! 19

Core Technique of EACSIP Functional Key Encapsulation with Equality Test The plaintext is encrypted with a symmetric key. The symmetric key is protected with an access policy. The original policy and the extended policy correspond to the same key the same decryption result. 20

EACSIP Architecture 21

This talk is based on the following works: - Willy Susilo, Peng Jiang, Fuchun Guo, Guomin Yang, Yong Yu, Yi Mu: EACSIP: Extendable Access Control System with Integrity Protection for Enhancing Collaboration in the Cloud. IEEE Trans. Information Forensics and Security 12(12): 3110-3122 (2017). - Willy Susilo, Guomin Yang, Fuchun Guo and Qiong Huang. Constant-Size Ciphertexts in Threshold Attribute-Based Encryption without Dummy Attributes. Information Sciences. Online 20 November 2017. - Willy Susilo, Rongmao Chen, Fuchun Guo, Guomin Yang, Yi Mu, Yang-Wai Chow: Recipient Revocable Identity-Based Broadcast Encryption: How to Revoke Some Recipients in IBBE without Knowledge of the Plaintext. AsiaCCS 2016: 201-210. 22

Outline 1 Background 2 Generic Approaches 3 Challenges and Research Directions 4 Our Recent Research Results 5 Conclusion

Conclusion Present generic approaches for cloud data sharing. Show challenges and research directions of data sharing in cloud computing. Introduce our recent research results. Recipient revocable IBBE scheme (allow to revoke some of receivers stated in the IBBE ciphertext). Constant-size threshold ABE scheme with using the dummy attributes (improve efficiency). Extendable access control system with integrity protection(the access policy can be extended such that more users are allowed to access the same data). 23

Thanks & Questions 24

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback