A Blockchain-Based Public Auditing Protocol with Self-Certified Public Keys for Cloud Data

Cloud storage can provide a way to effectively store and manage big data. However, due to the separation of data ownership and management, it is difficult for users to check the integrity of data in a traditional way, which leads to the introduction of the auditing techniques. This paper proposes a public auditing protocol with a self-certified public key system using blockchain technology. The user's operational information and metadata information of the file are formed to a block after verified by the checked nodes and then to be put into the blockchain. The chain structure of the block ensures the security of auditing data source. The security analysis shows that attackers can neither derive user’s secret key nor derive users’ data from the collected auditing information in the presented scheme. Furthermore, it can effectively resist against not only the signature forging attacks but also the proof forging attacks. Compared with other public auditing schemes, our scheme based on the self-certified public key system has been improved in storage overhead, communication bandwidth, and verification efficiency.

Download Full-text

Remote Data Possession Checking Scheme with Supporting Efficient Group User Authority Management for Shared Cloud Data

10.21203/rs.3.rs-884701/v1 ◽

2021 ◽

Author(s):

Yilin Yuan ◽

Jianbiao Zhang ◽

Wanshan Xu ◽

Xiao Wang ◽

Yanhui Liu

Keyword(s):

Security Analysis ◽

Public Auditing ◽

Cloud Data ◽

The Public ◽

Shared Data ◽

Identity Based ◽

And Performance ◽

Data Auditing ◽

Data Checking ◽

Remote Data

Abstract Under the shared big data environment, most of the existing data auditing schemes rarely consider the authorization management of group users. Meanwhile, how to deal with the shared data integrity is a problem that needs to be pondered. Thus, in this paper, we propose a novel remote data checking possession scheme which achieves group authority management while completing the public auditing. To perform authority management work, we introduce a trusted entity – group manager. We formalize a new algebraic structure operator named authorization invisible authenticator (AIA). Meanwhile, we provide two versions of AIA scheme: basic AIA scheme and standard AIA scheme. The standard AIA scheme is constructed based on the basic AIA scheme and user information table (UIT), with advanced security and wider applicable scenarios. By virtue of standard AIA scheme, the group manager can perfectly and easily carry out authority management, including enrolling, revoking, updating. On the basis of the above, we further design a public auditing scheme for non-revoked users’ shared data. The scheme is based on identity-based encryption (IBE), which greatly reduce the necessary certificate management cost. Furthermore, the detailed security analysis and performance evaluation demonstrate that the scheme is safe and feasible.

Download Full-text

Design Of Hybrid Cryptography With Vigenere Cipher And RSA Algorithm On IOT Data Security

JELIKU (Jurnal Elektronik Ilmu Komputer Udayana) ◽

10.24843/jlk.2020.v08.i04.p14 ◽

2020 ◽

Vol 8 (4) ◽

pp. 475

Author(s):

Maria Okta Safira ◽

I Komang Ari Mogi

Keyword(s):

System Architecture ◽

Data Security ◽

Data Encryption ◽

Public Key ◽

Secret Message ◽

Secret Key ◽

Rsa Algorithm ◽

Tcp Protocol ◽

Public Keys ◽

Encryption And Decryption

In this paper two methods are used, namely the vigenere cipher method and the RSA method. The vigenere cipher method is an example of a symmetric algorithm, while RSA is an example of an asymmetric algorithm. The combination of these two methods is called hybrid cryptography which has the advantage in terms of speed during the encryption process. Each process, which is encryption and decryption, is carried out twice, so that security can be ensured. In the process of forming the key used the RSA method. In the encryption process using public keys that have been generated before when the key is formed. This public key is used in sending data to the recipient of a secret message where this key is used for the data encryption process. The Secret key is kept and will be used during the decryption process. There is a system architecture that describes how clients and servers communicate with each other over the internet using the TCP protocol where the client here is an IoT device and the server is a server.

Download Full-text

Modified Dynamic Hash Table with Threshold RSA for Dynamic and Public Auditing on Cloud Data

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.k1448.0981119 ◽

2019 ◽

Vol 8 (11) ◽

pp. 765-772

Keyword(s):

Hash Table ◽

Third Party ◽

Experimental Result ◽

Secret Key ◽

Computation Cost ◽

Public Auditing ◽

Cloud Data ◽

Major Application ◽

Rsa Cryptography ◽

State Of Art

Cloud storage is one of the major application in the cloud, which can provide the on-demand outsourcing data service for both organizations as well as individuals. The Data Integrity (DI) check in the cloud is applied by the user to ensure the integrity of data. The Third Party Auditing (TPA) technique is later introduced to check the cloud DI. Many research has been carried out in the public auditing to minimize the computation cost of the integrity check. The most existing method involves in lack of security and low computation overhead. In this research, the Modified Dynamic Hash Table with threshold Rivest, Shamir, and Adelman Algorithm (RSA) algorithm (MDHT-RSA) is proposed to improve the security and reduce the computation cost. The threshold RSA cryptography system increase the security by generating the secret key to the user and reduce the computation cost. The Modified Dynamic Hash Table (MDHT) is used to record the data information for dynamic auditing, which is located in the TPA. The MDHT is differed from the Dynamic hash table, that the MDHT doesn’t contain the tag block whereas the dynamic hash table has the tag block. The MDHT-RSA is analyzed with the computation cost and compared with existing method. The experimental result proved that the MDHT-RSA method has low computation cost than state-of-art method in public auditing. The verification cost of the MDHT-RSA is 1.3 s while a state-of-art method DHT-PA has the 1.35 s for the 200 blocks of data.

Download Full-text

On the Security of Self-Certified Public Keys

Privacy Solutions and Security Frameworks in Information Protection ◽

10.4018/978-1-4666-2050-6.ch008 ◽

2013 ◽

pp. 124-130

Author(s):

Cheng-Chi Lee ◽

Min-Shiang Hwang ◽

I-En Liao

Keyword(s):

Information Security ◽

The Self ◽

Public Key ◽

Secret Key ◽

Slight Improvement ◽

The Public ◽

Public Keys

Many cryptosystems have been developed to solve the problem of information security, and some approaches are based on the self-certified public key proposed by Girault. In Girault’s scheme, the public key is computed cooperatively by both the system authority (SA) and the user. One of the advantages is that the public key is able to implicitly authenticate itself without any additional certificates. Another advantage is that the SA is not able to forge a public key without knowing the user’s secret key. Despite the advantages of Girault’s system, in this paper, the authors demonstrate that the system still suffers from two main weaknesses. As a result, the authors propose a slight improvement on Girault’s system.

Download Full-text

Public key cryptosystem based on multiple chaotic maps for image encryption

Indonesian Journal of Electrical Engineering and Computer Science ◽

10.11591/ijeecs.v22.i3.pp1457-1466 ◽

2021 ◽

Vol 22 (3) ◽

pp. 1457

Author(s):

Yousif S. Najaf ◽

Maher K. Mahmood Al-Azawi

Keyword(s):

Chaotic Maps ◽

Third Party ◽

Public Key ◽

Secret Key ◽

Chebyshev Map ◽

Key Space ◽

Public Keys ◽

Secret Keys ◽

Shared Secret ◽

Multiple Chaotic Maps

Image is one of the most important forms of information. In this paper, two public key encryption systems are proposed to protect images from various attacks. Both systems depend on generating a chaotic matrix (<em>I</em>) using multiple chaotic maps. The parameters for these maps are taken from the shared secret keys generated from Chebyshev map using public keys for Alice and secret key for Bob or vice versa. The second system has the feature of deceiving the third party for searching for fake keys. Analysis and tests showed that the two proposed systems resist various attacks and have very large key space. The results are compared with other chaos based systems to show the superiority of these two proposed systems.

Download Full-text

Enhanced encryption technique for secure iot data transmission

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v9i5.pp3732-3738 ◽

2019 ◽

Vol 9 (5) ◽

pp. 3732

Author(s):

Rupesh Bhandari ◽

Kirubanand V B

Keyword(s):

Data Transmission ◽

Security And Privacy ◽

Public Key ◽

Secret Key ◽

Protection Mechanism ◽

Current Period ◽

Public Keys ◽

Encryption Algorithms ◽

Asymmetric Encryption ◽

Multi Phase

<div class="page" title="Page 1"><div class="section"><div class="layoutArea"><div class="column"><p><span>Internet of things is the latest booming innovation in the current period, which lets the physical entity to process and intervene with the virtual entities. As all the entities are connected with each other, it generates load of data, which lacks proper security and privacy standards. Cryptography is one of the domains of Network Security, which is one such mechanism that helps the data transmission process to be secure enough over the wireless or wired channel and along with that, it provides authenticity, confidentiality, integrity of data and prevents repudiation. In this paper, we have proposed an alternate enhanced cryptographic solution combing the characteristic of symmetric, asymmetric encryption algorithms and Public Key Server. Here, the key pairs of end points (User’s Device and IoT device) are generated using Elliptic Curve Cryptography and the respective public keys are registered in Public Key Server along with their unique MAC address. Thereafter, both the ends will agree on one common private secret key, which will be the base for further cryptographic process using AES algorithm. This model can be called as multi-phase protection mechanism. It will make the process of data transmission secure enough that no intermediate can tamper the data.</span></p></div></div></div></div>

Download Full-text

On the Security of Self-Certified Public Keys

International Journal of Information Security and Privacy ◽

10.4018/jisp.2011040104 ◽

2011 ◽

Vol 5 (2) ◽

pp. 54-60

Author(s):

Cheng-Chi Lee ◽

Min-Shiang Hwang ◽

I-En Liao

Keyword(s):

Information Security ◽

The Self ◽

Public Key ◽

Secret Key ◽

Slight Improvement ◽

The Public ◽

Public Keys

Download Full-text

Geometrical Optics Restricted Eavesdropping Analysis of Satellite-to-Satellite Secret Key Distillation

Entropy ◽

10.3390/e23080950 ◽

2021 ◽

Vol 23 (8) ◽

pp. 950

Author(s):

Ziwen Pan ◽

Ivan B. Djordjevic

Keyword(s):

Free Space ◽

Quantum Key Distribution ◽

Security Analysis ◽

Key Distribution ◽

Geometrical Optics ◽

Secret Key ◽

Satellite Applications

Traditionally, the study of quantum key distribution (QKD) assumes an omnipotent eavesdropper that is only limited by the laws of physics. However, this is not the case for specific application scenarios such as the QKD over a free-space link. In this invited paper, we introduce the geometrical optics restricted eavesdropping model for secret key distillation security analysis and apply to a few scenarios common in satellite-to-satellite applications.

Download Full-text

What If Keys Are Leaked? towards Practical and Secure Re-Encryption in Deduplication-Based Cloud Storage

Information ◽

10.3390/info12040142 ◽

2021 ◽

Vol 12 (4) ◽

pp. 142

Author(s):

Weijing You ◽

Lei Lei ◽

Bo Chen ◽

Limin Liu

Keyword(s):

Experimental Evaluation ◽

Cloud Storage ◽

Security Analysis ◽

Encrypted Data ◽

Cloud Data ◽

Storage Cost ◽

Outsourced Data ◽

Proof Of Ownership ◽

Client Side ◽

Over Time

By only storing a unique copy of duplicate data possessed by different data owners, deduplication can significantly reduce storage cost, and hence is used broadly in public clouds. When combining with confidentiality, deduplication will become problematic as encryption performed by different data owners may differentiate identical data which may then become not deduplicable. The Message-Locked Encryption (MLE) is thus utilized to derive the same encryption key for the identical data, by which the encrypted data are still deduplicable after being encrypted by different data owners. As keys may be leaked over time, re-encrypting outsourced data is of paramount importance to ensure continuous confidentiality, which, however, has not been well addressed in the literature. In this paper, we design SEDER, a SEcure client-side Deduplication system enabling Efficient Re-encryption for cloud storage by (1) leveraging all-or-nothing transform (AONT), (2) designing a new delegated re-encryption (DRE), and (3) proposing a new proof of ownership scheme for encrypted cloud data (PoWC). Security analysis and experimental evaluation validate security and efficiency of SEDER, respectively.

Download Full-text

Security Analysis of Discrete-Modulated Continuous-Variable Quantum Key Distribution over Seawater Channel

Applied Sciences ◽

10.3390/app9224956 ◽

2019 ◽

Vol 9 (22) ◽

pp. 4956 ◽

Cited By ~ 2

Author(s):

Xinchao Ruan ◽

Hang Zhang ◽

Wei Zhao ◽

Xiaoxue Wang ◽

Xuan Li ◽

...

Keyword(s):

Quantum Key Distribution ◽

Secure Communication ◽

Security Analysis ◽

Finite Size ◽

Key Distribution ◽

Continuous Variable ◽

Heterodyne Detection ◽

Secret Key ◽

Transmission Distance ◽

Better Than

We investigate the optical absorption and scattering properties of four different kinds of seawater as the quantum channel. The models of discrete-modulated continuous-variable quantum key distribution (CV-QKD) in free-space seawater channel are briefly described, and the performance of the four-state protocol and the eight-state protocol in asymptotic and finite-size cases is analyzed in detail. Simulation results illustrate that the more complex is the seawater composition, the worse is the performance of the protocol. For different types of seawater channels, we can improve the performance of the protocol by selecting different optimal modulation variances and controlling the extra noise on the channel. Besides, we can find that the performance of the eight-state protocol is better than that of the four-state protocol, and there is little difference between homodyne detection and heterodyne detection. Although the secret key rate of the protocol that we propose is still relatively low and the maximum transmission distance is only a few hundred meters, the research on CV-QKD over the seawater channel is of great significance, which provides a new idea for the construction of global secure communication network.

Download Full-text