Attack on Privacy-Preserving Public Auditing Schemes for Cloud Storage

With the development of Internet, cloud computing has emerged to provide service to data users. But, it is necessary for an auditor on behalf of users to check the integrity of the data stored in the cloud. The cloud server also must ensure the privacy of the data. In a usual public integrity check scheme, the linear combination of data blocks is needed for verification. But, after times of auditing on the same data blocks, based on collected linear combinations, the auditor might derive these blocks. Recently, a number of public auditing schemes with privacy-preserving are proposed. With blinded linear combinations of data blocks, the authors of these schemes believed that the auditor cannot derive any information about the data blocks and claimed that their schemes are provably secure in the random oracle model. In this paper, with detailed security analysis of these schemes, we show that these schemes are vulnerable to an attack from the malicious cloud server who modifies the data blocks and succeeds in forging proof information for data integrity check.

Download Full-text

Efficient Certificateless Conditional Privacy-Preserving Authentication Scheme in VANETs

Mobile Information Systems ◽

10.1155/2019/7593138 ◽

2019 ◽

Vol 2019 ◽

pp. 1-19 ◽

Cited By ~ 12

Author(s):

Yang Ming ◽

Hongliang Cheng

Keyword(s):

Traffic Safety ◽

Vehicular Ad Hoc Networks ◽

Ad Hoc ◽

Security Analysis ◽

Real Life ◽

Random Oracle Model ◽

Random Oracle ◽

Privacy Preserving ◽

Bilinear Pairing ◽

Security And Privacy

Vehicular ad hoc networks (VANETs) are an increasing important paradigm for greatly enhancing roadway system efficiency and traffic safety. To widely deploy VANETs in real life, it is critical to deal with the security and privacy issues in VANETs. In this paper, we propose a certificateless conditional privacy preserving authentication (CCPPA) scheme based on certificateless cryptography and elliptic curve cryptography for secure vehicle-to-infrastructure communication in VANETs. In the proposed scheme, a roadside unit (RSU) can simultaneously verify plenty of received messages such that the total verification time may be sharply decreased. Furthermore, the security analysis indicates that the proposed scheme is provably secure in the random oracle model and fulfills all the requirements on security and privacy. To further improve efficiency, both map-to-point hash operation and bilinear pairing operation are not employed. Compared with previous CCPPA schemes, the proposed scheme prominently cuts down computation delay of message signing and verification by 66.9%–85.5% and 91.8%–93.4%, respectively, and reduces communication cost by 44.4%. Extensive simulations show that the proposed scheme is practicable and achieves prominent performances of very little average message delay and average message loss ratio and thus is appropriate for realistic applications.

Download Full-text

Privacy-Preserving Public Auditing and Data Dynamics for Secure Cloud Storage Based on Exact Regenerated Code

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2019100101 ◽

2019 ◽

Vol 9 (4) ◽

pp. 1-20

Author(s):

Syam Kumar Pasupuleti

Keyword(s):

Cloud Storage ◽

Privacy Preserving ◽

Sensitive Data ◽

Public Auditing ◽

Data Dynamics ◽

Secure Cloud Storage ◽

And Performance ◽

Local Storage ◽

Recovery Problem ◽

Provably Secure

Cloud storage allows users to store their data in the cloud to avoid local storage and management costs. Since the cloud is untrusted, the integrity of stored data in the cloud has become an issue. To address this problem, several public auditing schemes have been designed to verify integrity of the data in the cloud. However, these schemes have two drawbacks: public auditing may reveal sensitive data to verifier and does not address the data recovery problem efficiently. This article proposes a new privacy-preserving public auditing scheme with data dynamics to secure the data in the cloud based on an exact regenerated code. This scheme encodes the data for availability, then masks the encoded blocks with randomness for privacy of data and enables a public auditor to verify the integrity of the data. Further, this scheme also supports dynamic data updates. In addition, security and performance analysis proves that proposed scheme is provably secure and efficient.

Download Full-text

Certificateless Public Auditing with Privacy Preserving for Cloud-Assisted Wireless Body Area Networks

Mobile Information Systems ◽

10.1155/2017/2925465 ◽

2017 ◽

Vol 2017 ◽

pp. 1-5 ◽

Cited By ~ 6

Author(s):

Baoyuan Kang ◽

Jiaqiang Wang ◽

Dongyang Shao

Keyword(s):

Random Oracle Model ◽

Public Key Cryptography ◽

Body Area Networks ◽

Random Oracle ◽

Wireless Body Area Networks ◽

Privacy Preserving ◽

Medical Systems ◽

Body Area ◽

Public Auditing ◽

Digital Ecosystem

With cloud computing being integrated with wireless body area networks, the digital ecosystem called cloud-assisted WBAN was proposed. In cloud-assisted medical systems, the integrity of the stored data is important. Recently, based on certificateless public key cryptography, He et al. proposed a certificateless public auditing scheme for cloud-assisted WBANs. But He et al.’s scheme is not a scheme with privacy preserving. After many checks on some of the same data blocks, the auditor can derive these data blocks. In this paper, we propose a certificateless public auditing scheme with privacy preserving for cloud-assisted WBANs. In the proof phase of the proposed scheme, the proof information is protected from being directly exposed to the auditor. So, the curious auditor could not derive the data blocks. We also prove that the proposed scheme is secure in the random oracle model under the assumption that the Diffie-Hellman problem is hard, and we give a comparison of the proposed scheme with He et al.’s scheme in terms of security and computation cost.

Download Full-text

Privacy-Preserving Data Aggregation Protocol for Fog Computing-Assisted Vehicle-to-Infrastructure Scenario

Security and Communication Networks ◽

10.1155/2018/1378583 ◽

2018 ◽

Vol 2018 ◽

pp. 1-14 ◽

Cited By ~ 4

Author(s):

Yanan Chen ◽

Zhenyu Lu ◽

Hu Xiong ◽

Weixiang Xu

Keyword(s):

Fog Computing ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Privacy Preserving ◽

Performance Comparison ◽

Communication Overhead ◽

Time Data ◽

Moving Vehicles ◽

Vehicle To Infrastructure

Vehicle-to-infrastructure (V2I) communication enables moving vehicles to upload real-time data about road surface situation to the Internet via fixed roadside units (RSU). Thanks to the resource restriction of mobile vehicles, fog computation-enhanced V2I communication scenario has received increasing attention recently. However, how to aggregate the sensed data from vehicles securely and efficiently still remains open to the V2I communication scenario. In this paper, a light-weight and anonymous aggregation protocol is proposed for the fog computing-based V2I communication scenario. With the proposed protocol, the data collected by the vehicles can be efficiently obtained by the RSU in a privacy-preserving manner. Particularly, we first suggest a certificateless aggregate signcryption (CL-A-SC) scheme and prove its security in the random oracle model. The suggested CL-A-SC scheme, which is of independent interest, can achieve the merits of certificateless cryptography and signcryption scheme simultaneously. Then we put forward the anonymous aggregation protocol for V2I communication scenario as one extension of the suggested CL-A-SC scheme. Security analysis demonstrates that the proposed aggregation protocol achieves desirable security properties. The performance comparison shows that the proposed protocol significantly reduces the computation and communication overhead compared with the up-to-date protocols in this field.

Download Full-text

Privacy Preserving Public Auditing in Secured Cloud Storage

International Journal of Scientific Research ◽

10.15373/22778179/march2014/18 ◽

2012 ◽

Vol 3 (3) ◽

pp. 60-61

Author(s):

V.Sajeev V.Sajeev ◽

◽

R.Gowthamani R.Gowthamani

Keyword(s):

Cloud Storage ◽

Privacy Preserving ◽

Public Auditing

Download Full-text

Provably Secure Authentication Approach for Data Security in Cloud Using Hashing, Encryption, and Chebyshev-Based Authentication

International Journal of Information Security and Privacy ◽

10.4018/ijisp.2022010106 ◽

2022 ◽

Vol 16 (1) ◽

pp. 0-0

Keyword(s):

Data Security ◽

Security Analysis ◽

Data Communication ◽

Computation Time ◽

Computational Time ◽

Security Issues ◽

Authentication Mechanism ◽

Cloud Server ◽

Secure Authentication ◽

Provably Secure

Secure and efficient authentication mechanism becomes a major concern in cloud computing due to the data sharing among cloud server and user through internet. This paper proposed an efficient Hashing, Encryption and Chebyshev HEC-based authentication in order to provide security among data communication. With the formal and the informal security analysis, it has been demonstrated that the proposed HEC-based authentication approach provides data security more efficiently in cloud. The proposed approach amplifies the security issues and ensures the privacy and data security to the cloud user. Moreover, the proposed HEC-based authentication approach makes the system more robust and secured and has been verified with multiple scenarios. However, the proposed authentication approach requires less computational time and memory than the existing authentication techniques. The performance revealed by the proposed HEC-based authentication approach is measured in terms of computation time and memory as 26ms, and 1878bytes for 100Kb data size, respectively.

Download Full-text

Study of privacy-preserving framework for cloud storage

Computer Science and Information Systems ◽

10.2298/csis100327029r ◽

2011 ◽

Vol 8 (3) ◽

pp. 801-819 ◽

Cited By ~ 12

Author(s):

Huang Ruwei ◽

Gui Xiaolin ◽

Yu Si ◽

Zhuang Wei

Keyword(s):

Data Storage ◽

Cloud Storage ◽

Security Analysis ◽

Bloom Filter ◽

Data Access ◽

Data Retrieval ◽

Privacy Preserving ◽

Index Structure ◽

Structure Generation ◽

Access Right

In order to implement privacy-preserving, efficient and secure data storage and access environment of cloud storage, the following problems must be considered: data index structure, generation and management of keys, data retrieval, treatments of change of users? access right and dynamic operations on data, and interactions among participants. To solve those problems, the interactive protocol among participants is introduced, an extirpation-based key derivation algorithm (EKDA) is designed to manage the keys, a double hashed and weighted Bloom Filter (DWBF) is proposed to retrieve the encrypted keywords, which are combined with lazy revocation, multi-tree structure, asymmetric and symmetric encryptions, which form a privacypreserving, efficient and secure framework for cloud storage. The experiment and security analysis show that EKDA can reduce the communication and storage overheads efficiently, DWBF supports ciphertext retrieval and can reduce communication, storage and computation overhead as well, and the proposed framework is privacy preserving while supporting data access efficiently.

Download Full-text

An efficient certificateless multi-receiver threshold decryption scheme

RAIRO - Theoretical Informatics and Applications ◽

10.1051/ita/2019001 ◽

2019 ◽

Vol 53 (1-2) ◽

pp. 67-84 ◽

Cited By ~ 1

Author(s):

Ronghai Gao ◽

Jiwen Zeng ◽

Lunzhi Deng

Keyword(s):

Security Analysis ◽

Mobile Network ◽

Random Oracle Model ◽

Bilinear Pairings ◽

Random Oracle ◽

Bilinear Pairing ◽

Public And Private ◽

The Public ◽

Public Keys ◽

Threshold Decryption

Threshold decryption allows only quorum cooperate users to decrypt ciphertext encrypted under a public key. However, such threshold decryption scheme cannot be applied well in this situation where all users have their public and private key pairs, but do not share any private keys corresponding to the public keys, such as mobile network featured with dynamic character. The direct way to achieve threshold decryption in this case is to divide the message into several pieces and then encrypt these pieces with the public keys of different users. However, this is very inefficient. Multireceiver threshold decryption scheme that could be applied efficiently in the above situation. Recently, some certificateless (ID-based) multireceiver threshold decryption (signcryption) schemes are introduced. But the bilinear pairings are used in most of the existing schemes. In this paper, we propose an efficient certificateless threshold decryption scheme using elliptic curve cryptography (ECC) without bilinear pairing. Performance analysis shows that the proposed scheme has lower computation cost than existing some threshold decryption schemes in both encryption and decryption process. Security analysis shows that our scheme is IND-CCA secure, and no one outside of selected receivers can disclose receivers identities, against the adversaries defined in CL-PKC system under the random oracle model.

Download Full-text

An Improved Anonymous Authentication Protocol for Wearable Health Monitoring Systems

Wireless Communications and Mobile Computing ◽

10.1155/2020/5686498 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13

Author(s):

Jiaqing Mo ◽

Wei Shen ◽

Weisheng Pan

Keyword(s):

Health Monitoring ◽

Denial Of Service ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Authentication Protocol ◽

Wireless Channel ◽

Formal Proofs ◽

Insider Attack ◽

Quadratic Residues

Wearable health monitoring system (WHMS), which helps medical professionals to collect patients’ healthcare data and provides diagnosis via mobile devices, has become increasingly popular thanks to the significant advances in the wireless sensor network. Because health data are privacy-related, they should be protected from illegal access when transmitted over a public wireless channel. Recently, Jiang et al. presented a two-factor authentication protocol on quadratic residues with fuzzy verifier for WHMS. However, we observe that their scheme is vulnerable to known session special temporary information (KSSTI) attack, privileged insider attack, and denial-of-service (DoS) attack. To defeat these weaknesses, we propose an improved two-factor authentication and key agreement scheme for WHMS. Through rigorous formal proofs under the random oracle model and comprehensive informal security analysis, we demonstrate that the improved scheme overcomes the disadvantages of Jiang et al.’s protocol and withstands possible known attacks. In addition, comparisons with several relevant protocols show that the proposed scheme achieves more security features and has suitable efficiency. Thus, our scheme is a reasonable authentication solution for WHMS.

Download Full-text

An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

Applied Computational Intelligence and Soft Computing ◽

10.1155/2016/3916942 ◽

2016 ◽

Vol 2016 ◽

pp. 1-10

Author(s):

Yousheng Zhou ◽

Junfeng Zhou ◽

Feng Wang ◽

Feng Guo

Keyword(s):

Key Management ◽

Chaotic Map ◽

Mutual Authentication ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Authentication Scheme ◽

Session Key ◽

The Real ◽

Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

Download Full-text