Published in: Cluster Computing 4/2013

01.12.2013

Simultaneous authentication and secrecy in identity-based data upload to cloud

Written by: Bo Qin, Huaqun Wang, Qianhong Wu, Jianwei Liu, Josep Domingo-Ferrer

Abstract

Most existing work on securing the cloud is devoted to remote integrity checking, search, and computing on encrypted data. In this paper, we deal with simultaneous authentication and secrecy when data are uploaded to the cloud. Observing that the cloud is most interesting to companies in which multiple authorized employees are allowed to upload data, we propose a general framework for secure data upload in an identity-based setting. We present and employ identity-based signcryption (IBSC) to meet this goal. Because it has been shown to be challenging to construct an IBSC scheme in the standard model, and most IBSC schemes are realized in the random oracle model, which is regarded as weak in capturing realistic adversaries, we propose a new IBSC scheme that performs encryption and signature simultaneously at a cost lower than that of the signature-then-encryption approach. The identity-based feature eliminates the complicated certificate management required by signcryption schemes in the traditional public-key infrastructure (PKI) setting. Our IBSC scheme exploits Boneh et al.’s strongly unforgeable signature and Paterson et al.’s identity-based signature. The scheme is shown to satisfy semantic security and strong unforgeability. Its security relies on the well-defined bilinear decision Diffie-Hellman (BDDH) assumption, and the proof is given in the standard model. With our IBSC proposal, a secure data upload scheme is instantiated with simultaneous authentication and secrecy in a multi-user setting.

References
1. An, J.H., Dodis, Y., Rabin, T.: On the security of joint signature and encryption. In: Proceedings of EUROCRYPT’02, vol. 2332, pp. 83–107 (2002)
2. Armknecht, F., Augot, D., Perret, L., Sadeghi, A.: On constructing homomorphic encryption schemes from coding theory. In: Proceedings of Cryptography and Coding—13th IMA International Conference, Oxford, UK, December 2011, pp. 23–40 (2011)
3. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14(1), 12.1–12.34 (2011)
4. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proc. of ACM CCS’07, pp. 598–609 (2007)
5. Baek, J., Steinfeld, R., Zheng, Y.: Formal proofs for the security of signcryption. In: Proc. of PKC’02, vol. 2274, pp. 80–98 (2002)
6.
7. Barreto, P.S.L.M., Libert, B., McCullagh, N., Quisquater, J.J.: Efficient and provably-secure identity based signatures and signcryption from Bilinear maps. In: Proc. of ASIACRYPT’05, vol. 3788, pp. 515–532 (2005)
8. Bellare, M., Shoup, S.: Two-tier signatures, strongly unforgeable signatures, and fiat-shamir without random oracles. In: Proc. of PKC’07, vol. 4450, pp. 201–216 (2007)
9. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. In: Proc. of ASIACRYPT’01, vol. 2248, pp. 514–532 (2011)
10. Boneh, D., Shen, E., Waters, B.: Strongly unforgeable signatures based on computational diffie-hellman. In: Proc. of PKC’06, vol. 3958, pp. 229–240 (2006)
11. Boyen, X.: Multipurpose identity based signcryption: a swiss army knife for identity based cryptography. In: Proc. of CRYPTO’03, vol. 2792, pp. 383–399 (2003)
12. Brakerski, Z., Vaikuntanathan, V.: Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Proc. of CRYPTO’11, vol. 6841, pp. 505–524 (2011)
14. Chatterjee, P., Sengupta, I., Ghosh, S.K.: STACRP: a secure trusted auction oriented clustering based routing protocol for MANET. Clust. Comput. 15, 303–320 (2012)
15. Chen, L., Malone-Lee, J.: Improved identity-based signcryption. In: Proc. of PKC’05, vol. 3386, pp. 362–379 (2005)
16. Chow, S.S.M., Yiu, S.M., Hui, L.C.K., Chow, K.P.: Efficient forward and provably secure ID-based signcryption scheme with public verifiability and public ciphertext authenticity. In: Proc. of ICISC’03, vol. 2971, pp. 352–369 (2004)
17. Di Pietro, R., Blass, E.-O., Molva, R., Onen, M.: PRISM—privacy-preserving searches in MapReduce. In: Proc. of PET’02, vol. 7384, pp. 180–200 (2012)
18. Fan, J., Zheng, Y., Tang, X.: Signcryption with non-interactive non-repudiation without random oracles. In: Transactions on Computational Science X, vol. 6340, pp. 202–230 (2010)
19. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proc. of STOC 2009, pp. 169–178 (2009)
20. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proc. of ACM CCS’06, pp. 89–98 (2006)
21. Huang, Q., Wong, D.S., Li, J., Zhao, Y.: Generic transformation from weakly to strongly unforgeable signatures. J. Comput. Sci. Technol. 23(2), 240–252 (2008)
23. Jin, Z.P., Wen, Q.Y., Du, H.Z.: An improved semantically-secure identity-based signcryption scheme in the standard model. Comput. Electr. Eng. 36(3), 545–552 (2010)
24. Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Proc. of Financial Cryptography Workshops 2010. Lecture Notes in Computer Science, vol. 6054, pp. 136–149 (2010)
25. Kim, I., Lee, D., Kim, K.J., Lee, J.: Flexible authorization in home network environments. Clust. Comput. 15, 3–15 (2012)
26. Li, M., Yu, S., Cao, N., Lou, W.: Authorized private keyword search over encrypted data in cloud computing. In: Proc. of the 2011 31st International Conference on Distributed Computing Systems (ICDCS’11), pp. 383–392. IEEE Comput. Soc., Washington (2011)
27. Libert, B., Quisquater, J.J.: A new identity based signcryption scheme from pairings. In: Proc. of IEEE Information Theory Workshop, Paris, France, pp. 155–158 (2003)
28. Liu, Z.H., Hu, Y.P., Zhang, X.S., Ma, H.: Certificateless signcryption scheme in the standard model. Inf. Sci. 180(3), 452–464 (2010)
30. Matsuda, T., Attrapadung, N., Hanaoka, G., Matsuura, K., Imai, H.: A CDH-based strongly unforgeable signature without collision resistant hash function. In: Proc. of International Conference on Provable Security. Lecture Notes in Computer Science, vol. 4784, pp. 68–84 (2007)
31. Paterson, K.G., Schuldt, J.C.N.: Efficient identity-based signatures secure in the standard model. In: Proc. of ACISP’06. Lecture Notes in Computer Science, vol. 4058, pp. 207–222 (2006)
32. Qin, B., Wang, H., Wu, Q., Liu, J., Domingo-Ferrer, J.: An identity based signcryption scheme in the standard model. In: Proc. of the 4-th International Conference on Intelligent Networking and Collaborative Systems—INCOS 2012, Bucharest, Romania, September 2012, pp. 606–611 (2012)
33. Sadeghi, A.-R., Schneider, T., Winandy, M.: Token-based cloud computing. In: Proc. of TRUST’10, Berlin, Germany, June 2010, pp. 417–429 (2010)
35. Wang, H., Zhang, Y.: On the Knowledge Soundness of a Cooperative Provable Data Possession Scheme in Multicloud Storage. IEEE Trans. Parallel Distrib. Syst. PP(99), 1. doi:10.1109/TPDS.2013.16
36. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Proc. of Eurocrypt’05. Lecture Notes in Computer Science, vol. 3494, pp. 457–473 (2005)
38. Steinfeld, R., Pieprzyk, J., Wang, H.X.: How to strengthen any weakly unforgeable signature into a strongly unforgeable signature. In: Proc. of CT-RSA’07. Lecture Notes in Computer Science, vol. 4377, pp. 357–371 (2007)
39. Wang, L.L., Zhang, G.Y., Ma, C.G.: A secure ring signcryption scheme for private and anonymous communication. In: Proc. of IFIP International Conference on Network and Parallel Computing—NPC Workshops 2007, Dalian, China, September 2007, pp. 107–111 (2007)
40. Wu, Q., Mu, Y., Susilo, W., Qin, B., Domingo-Ferrer, J.: Asymmetric group key agreement. In: Proc. of EUROCRYPT’09, vol. 5479, pp. 153–170 (2009)
41. Wu, Q., Qin, B., Zhang, L., Domingo-Ferrer, J., Farràs, O.: Bridging broadcast encryption and group key agreement. In: Proc. of ASIACRYPT’11. Lecture Notes in Computer Science, vol. 7073, pp. 143–160 (2011)
42. Yu, Y., Yang, B., Sun, Y., Zhu, S.L.: Identity based signcryption scheme without random oracles. Comput. Stand. Interfaces 31(1), 56–62 (2009)
43. Zhang, M., Li, P., Yang, B., Wang, H., Takagi, T.: Towards confidentiality of ID-based signcryption schemes under without random oracle model. In: Proc. of PAISI’10. Lecture Notes in Computer Science, vol. 6122, pp. 98–104 (2010)
44. Zhang, G., Parashar, M.: Cooperative detection and protection against network attacks using decentralized information sharing. Clust. Comput. 13, 67–86 (2010)
45. Zhang, B., Xu, Q.L.: An ID-based anonymous signcryption scheme for multiple receivers secure in the standard model. In: Proc. of AST/UCMA/ISA/ACN 2010. Lecture Notes in Computer Science, vol. 6059, pp. 15–27 (2010)
46. Zhang, M., Yang, B., Takagi, T., Shen, Y., Zhang, W.: Fuzzy biometric signcryption scheme with bilinear pairings in the standard model. In: Proc. of PAISI’10. Lecture Notes in Computer Science, vol. 6122, pp. 77–87 (2010)
47. Zheng, Y.: Digital signcryption or how to achieve cost (Signature & Encryption) ≤ Cost (Signature) + Cost (Encryption). In: Proc. of CRYPTO’97. Lecture Notes in Computer Science, vol. 1294, pp. 165–179 (1997)
Metadata
Title
Simultaneous authentication and secrecy in identity-based data upload to cloud
Written by
Bo Qin
Huaqun Wang
Qianhong Wu
Jianwei Liu
Josep Domingo-Ferrer
Publication date
01.12.2013
Publisher
Springer US
Published in
Cluster Computing / Issue 4/2013
Print ISSN: 1386-7857
Electronic ISSN: 1573-7543
DOI
https://doi.org/10.1007/s10586-013-0258-7
