User Privacy Protection Scheme Based on Verifiable Outsourcing Attribute-Based Encryption

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Luo Sheng

Given the rapid development of cloud computing and cloud storage technology, a growing number of enterprises and individuals use cloud storage services to save data or back up data. In the cloud storage services, although attribute-based encryption can protect users’ data security, the computational cost of key generation, data encryption, and data decryption linearly increases with the complexity of access strategies, which becomes more critical for resource-constrained users. Therefore, this paper proposes a verifiable attribute-based encryption scheme for a fully outsourced ciphertext policy. The scheme can simultaneously realize the functions of key generation, data encryption, and data decryption outsourcing and verify the correctness of the outsourcing calculation results. This scheme can effectively reduce the computational burden of a cloud storage system. The security and verifiability of the scheme are indicated and proved with the random oracle model. The experimental results show that the scheme has the advantages of function and efficiency compared with other schemes. The research results have theoretical and practical significance.

2021 ◽  
Author(s):  
Hoi Ting Poon

Cloud Computing has seen a dramatic rise in adoption in the past decade amid security and privacy concerns. One area of consensus is that encryption is necessary, as anonymization techniques have been shown to be unreliable. However, the processing of encrypted data has proven to be difficult. Briefly, the goal is to maintain security over remotely stored and accessed data while achieving reasonable storage cost and performance. Search is the most basic and central functionality of a privacy-protected cloud storage system actively being investigated. Recent works have looked at enabling more specialized search functions. In this thesis, we explore the problem of searching and processing of sequential data. We propose three solutions targeting textual data, with emphasis respectively on security, storage cost and performance. Our first solution achieves a high level of security with reduced communication, storage and computational cost by exploiting properties of natural languages. Our second solution achieves a minimal storage cost by taking advantage of the space efficiency of Bloom filters. Both proposals were also first to enable non-keyword search in phrases. Using a subsequence-based solution, our final phrase search scheme is currently the fastest phrase search protocol in literature. We also show how sequential data search schemes can be extended to include auditing with minimal additional cost. The solution is capable of achieving proof of retrievability with unbounded number of audits. A sample application which enables searching and computing over target values of encrypted XML files is also demonstrated. In terms of media, we describe an encrypted cloud media storage solution that simultaneously protects user privacy and enables copyright verification, and is the first to achieve security against dishonest participants. We also describe a framework where practical scalable privacy-protected copyright detection can be performed. Finally, an application of sequence querying over generic data in the form of an Anti-Virus over encrypted cloud storage is demonstrated. A private scanning solution and a public Anti-Virus as a service solution are described, noting that the technique can be conceptualized as a generic pattern matching solution on encrypted data. We also include some directions on future work and unexplored applications.


2015 ◽  
Vol 2015 ◽  
pp. 1-8 ◽  
Author(s):  
Tonghao Yang ◽  
Junquan Li ◽  
Bin Yu

The secure destruction of expired data is one of the important contents in the research of cloud storage security. Applying the attribute-based encryption (ABE) and the distributed hash table (DHT) technology to the process of data destruction, we propose a secure ciphertext self-destruction scheme with attribute-based encryption called SCSD. In SCSD scheme, the sensitive data is first encrypted under an access key and then the ciphertext shares are stored in the DHT network along with the attribute shares. Meanwhile, the rest of the sensitive data ciphertext and the shares of access key ciphertext constitute the encapsulated self-destruction object (EDO), which is stored in the cloud. When the sensitive data is expired, the nodes in DHT networks can automatically discard the ciphertext shares and the attribute shares, which can make the ciphertext and the access key unrecoverable. Thus, we realize secure ciphertext self-destruction. Compared with the current schemes, our SCSD scheme not only can support efficient data encryption and fine-grained access control in lifetime and secure self-destruction after expiry, but also can resist the traditional cryptanalysis attack as well as the Sybil attack in the DHT network.


Cloud storage services are quickly increasing and more prevalent. CSP-cloud storage providers offer storage as a service to all the users. It is a paid facility that allows association to outsource their confidential data to be stored on remote servers. But, identity privacy and preserving data from an untrusted cloud is a difficult concern, because of the successive change of the members. CSP has to be secured from an illegitimate person who performs data corruption over cloud servers. Thus, there is a need to safeguard information from the individuals who don’t have access by establishing numerous cloud storage encryption plans. Every such plan implemented expects that distributed storage suppliers are protected and can't be hacked; however, practically speaking, a few powers will compel distributed storage suppliers to render client details and secret information on the cloud, in this manner inside and out bypassing stockpiling encryption plans. In this paper, a new scheme is introduced to protect user privacy by a deniable CP_ABE (Cloud Provider_ Attribute Based Encryption) scheme which implements a cloud storage encryption plan. Since coercers cannot specify whether privileged insights are valid or not, the CSP ensures privacy of the user.


2017 ◽  
Vol 28 (06) ◽  
pp. 705-723
Author(s):  
Gang Yu ◽  
Xiaoxiao Ma ◽  
Zhenfu Cao ◽  
Guang Zeng ◽  
Wenbao Han

Ciphertext-policy attribute-based encryption, denoted by CP-ABE, extends identity based encryption by taking a set of attributes as users’ public key which enables scalable access control over outsourced data in cloud storage services. However, a decryption key corresponding to an attribute set may be owned by multiple users. Then, malicious users are subjectively willing to share their decryption keys for profits. In addition, the authority who issues decryption keys in CP-ABE system is able to generate arbitrary decryption key for any (including unauthorized) user. Key abuses of both malicious users and the authority have been regarded as one of the major obstacles to deploy CP-ABE system in real-world commercial applications. In this paper, we try to solve these two kinds of key abuses in CP-ABE system, and propose two accountable CP-ABE schemes supporting any LSSS realizable access structures. Two proposed accountable CP-ABE schemes allow any third party (with the help of authorities if necessary) to publicly verify the identity of an exposed decryption key, allow an auditor to publicly audit whether a malicious user or authorities should be responsible for an exposed decryption key, and the key abuser can’t deny it. At last, we prove the two schemes can achieve publicly verifiable traceability and accountability.


2017 ◽  
Vol 2017 ◽  
pp. 1-17 ◽  
Author(s):  
Tengfei Tu ◽  
Lu Rao ◽  
Hua Zhang ◽  
Qiaoyan Wen ◽  
Jia Xiao

As information technology develops, cloud storage has been widely accepted for keeping volumes of data. Remote data auditing scheme enables cloud user to confirm the integrity of her outsourced file via the auditing against cloud storage, without downloading the file from cloud. In view of the significant computational cost caused by the auditing process, outsourced auditing model is proposed to make user outsource the heavy auditing task to third party auditor (TPA). Although the first outsourced auditing scheme can protect against the malicious TPA, this scheme enables TPA to have read access right over user’s outsourced data, which is a potential risk for user data privacy. In this paper, we introduce the notion of User Focus for outsourced auditing, which emphasizes the idea that lets user dominate her own data. Based on User Focus, our proposed scheme not only can prevent user’s data from leaking to TPA without depending on data encryption but also can avoid the use of additional independent random source that is very difficult to meet in practice. We also describe how to make our scheme support dynamic updates. According to the security analysis and experimental evaluations, our proposed scheme is provably secure and significantly efficient.


Author(s):  
A. V. Deorankar ◽  
Khushboo T. Khobragade

Cloud technology is very profitable for the business evolution. In cloud computing, the data is mostly outsourced. The security and integrity of the data in the cloud system is always a main worry. Because of rapid development of adaptable cloud services, it becomes increasingly vulnerable to use cloud services to share data in a friend circle in the environment of cloud computing. The user privacy is also an important concern. Many systems and techniques are being developed to address these issues, but still there is always a scope of improvement. While addressing the issues related to the user privacy and data security and integrity, we must consider the efficiency of the system while accessing and searching for the data. In this paper, we discuss the major challenges in the cloud environment. Also presented is a brief overview of the proposed system with elliptical curve cryptography, a public key encryption technique that uses the properties of elliptic curves to generate keys instead of using the traditional methodology of key generation.


2020 ◽  
Vol 11 (4) ◽  
pp. 45-64
Author(s):  
Bharati Mishra ◽  
Debasish Jena ◽  
Ramasubbareddy Somula ◽  
S. Sankar

Cloud storage is gaining popularity to store and share files. To secure the files, cloud storage providers supply client interfaces with the facility to encrypt the files and upload them into the cloud. When client-side encryption is done, the onus of key management lies with the cloud user. Public key proxy re-encryption mechanisms can be used to distribute the key among stakeholders of the file. However, clients use low powered devices like mobile phones to share their files. Lightweight cryptography operations are needed to carry out the encryption operations. Ring-LWE-based encryption scheme meets this criterion. In this work, a proxy re-encryption scheme is proposed to distribute the file key. The scheme is proved CCA secure under Ring-LWE assumption in the random oracle model. The performance of the scheme is compared with the existing proxy re-encryption schemes which are observed to show better performance for re-encryption and re-key generation.


Author(s):  
Fangfang Shan ◽  
Hui Li ◽  
Fenghua Li ◽  
Yunchuan Guo ◽  
Jinbo Xiong

With the rapid development of cloud computing, it has been increasingly attractive for individuals and groups to store and share data via cloud storage. Once stored in the third-party cloud storage service providers, the privacy and integrity of outsourced data should be attached with more attention as a challenging task. This article presents the attribute-based assured deletion scheme (AADS) which aims to protect and assuredly delete outsourced data in cloud computing. It encrypts outsourced data files with standard cryptographic techniques to guarantee the privacy and integrity, and assuredly deletes data upon revocations of attributes. AADS could be applied to solve important security problems by supporting fine-grained attribute-based policies and their combinations. According to the comparison and analysis, AADS provides efficient data encryption and flexible attribute-based assured deletion for cloud-stored data with an acceptable concession in performance cost.


2020 ◽  
Vol 16 (2) ◽  
pp. 155014772090819
Author(s):  
Hao Li ◽  
Lianbing Deng ◽  
Cheng Yang ◽  
Jianbo Liu

With the development of cloud computing, more and more video services are moving to the cloud. How to realize fine-grained access control of those data on cloud becomes an urgent problem. Attribute-based encryption provides a solution. However, heavy computation is still a bottleneck restricting the wider application of attribute-based encryption in cloud computing. In addition, we find that expression of the access control structure on media cloud can be further improved. To solve these problems, we propose an enhanced media ciphertext-policy attribute-based encryption algorithm and introduce its two key components, the multiple access tree and the key chain. To increase the scalability of the proposed algorithm, we discussed the issues of multi-authorization, user revocation, and 1 − n multiple access tree. Security analysis shows that enhanced media ciphertext-policy attribute-based encryption can successfully resist chosen-plaintext attacks under the decisional bilinear Diffie–Hellman assumption. Performance analysis proves both theoretically and practically that the proposed algorithm incurs less computational cost than the traditional ciphertext-policy attribute-based encryption, multi-message ciphertext-policy attribute-based encryption, and scalable ciphertext-policy attribute-based encryption by optimizing the access control structure. Our proposed algorithm has strong practical significance in media cloud.

