scholarly journals S3DCE: Secure Storing and Sharing of Data in Cloud Environment using user Phrase

2020 ◽  
Vol 9 (4) ◽  
pp. 1191-1198
Keyword(s):  
Resource Utilization ◽  
Data Security ◽  
Communication Channel ◽  
Third Party ◽  
Public Key ◽  
Time Cost ◽  
Cloud Environment ◽  
The Public ◽  
User Data ◽  
Distributed Cloud

Distributed Cloud Environment (DCE) focuses mainly on securing the data and safely shares it to the user. Data leakage may occur by the channel compromising or with the key managers. It is necessary to safeguard the communication channel between the entities before sharing the data. In this process of sharing, what if the key managers compromises with intruders and reveal the information of the user’s key that is used for encryption. The process of securing the key by using the user’s phrase is the key concept used in the proposed system “Secure Storing and Sharing of Data in Cloud Environment using User Phrase (S3DCE). It does not rely on any key managers to generate the key instead; the user himself generates the key. In order to provide double security, the public key derived from the user’s phrase also encrypts the encryption key. S3DCE guarantees privacy, confidentiality and integrity of the user data while storing and sharing. The proposed method S3DCE is more efficient in terms of time, cost and resource utilization compared to the existing algorithm DaSCE (Data Security for Cloud Environment with Semi Trusted Third Party) [22] and DACESM (Data Security for Cloud Environment with Scheduled Key Managers) [23].

scholarly journals Data Security Protocol with Blind Factor in Cloud Environment

Information ◽  
2021 ◽  
Vol 12 (9) ◽  
pp. 340
Author(s):  
Ping Zhang ◽  
Huanhuan Chi ◽  
Jiechang Wang ◽  
Youlin Shang
Keyword(s):  
Data Security ◽  
Security Protocol ◽  
Third Party ◽  
Cloud Environment ◽  
Security Threat ◽  
Trusted Third Party ◽  
Traditional System ◽  
User Data ◽  
Chosen Ciphertext Attack ◽  
Positive Results

Compared with the traditional system, cloud storage users have no direct control over their data, so users are most concerned about security for their data stored in the cloud. One security requirement is to resolve any threats from semi-trusted key third party managers. The proposed data security for cloud environment with semi-trusted third party (DaSCE) protocol has solved the security threat of key managers to some extent but has not achieved positive results. Based on this, this paper proposes a semi-trusted third-party data security protocol (ADSS), which can effectively remove this security threat by adding time stamp and blind factor to prevent key managers and intermediaries from intercepting and decrypting user data. Moreover, the ADSS protocol is proved to provide indistinguishable security under a chosen ciphertext attack. Finally, the performance evaluation and simulation of the protocol show that the ADSS security is greater than DaSCE, and the amount of time needed is lower than DaSCE.

scholarly journals A Collusion-Resistant Identity-Based Proxy Reencryption Scheme with Ciphertext Evolution for Secure Cloud Sharing

2020 ◽  
Vol 2020 ◽  
pp. 1-16
Author(s):  
Shimao Yao ◽  
Ravi Sankar ◽  
In-Ho Ra
Keyword(s):  
Data Security ◽  
Computing Time ◽  
Public Key Infrastructure ◽  
Public Key ◽  
The Public ◽  
User Data ◽  
Identity Based ◽  
Certificate Management ◽  
Simulation Results ◽  
Authorization Delegation

In order to solve the challenges of user data security in the cloud computing (storage) environment, many encryption solutions with different features have been presented. Among them, proxy reencryption (PRE) based on public-key infrastructure (PKI) is a promising technology for secure cloud sharing. And identity-based proxy reencryption (IBPRE), which uses identity as the public key, eliminates burdensome certificate management and is, therefore, more preferable. However, most of the current IBPRE schemes only focus on the processing of data sharing while overlooking the functions of authorization revocation and ciphertext update, which are more closely related to the security of data itself. Moreover, the few existing schemes that involve ciphertext update turn out to be impractical because the length of ciphertext increases with the reencryption of ciphertext. In this paper, an improved IBPRE scheme, which provides improvements on the inadequacies of the scheme proposed by Ateniese et al. especially in terms of collusion safety and ciphertext evolution, is proposed. To the best of our knowledge, this is a practical IBPRE scheme integrating the functions of access authorization, delegation revocation, ciphertext update, reauthorization, and conditional reservation delegation. The proposed technique has high practicability in the scenario where a large number of ciphertexts need to be updated synchronously. Lastly, the comparative analysis and simulation results show that the two reencryption algorithms in the proposed scheme have the shortest computing time than other schemes.

A New User-controlled and Efficient Encrypted Data Sharing Model in Cloud Storage

2019 ◽  
Vol 13 (4) ◽  
pp. 356-363
Author(s):  
Yuezhong Wu ◽  
Wei Chen ◽  
Shuhong Chen ◽  
Guojun Wang ◽  
Changyun Li
Keyword(s):  
Data Sharing ◽  
Data Security ◽  
Cloud Storage ◽  
Screening Program ◽  
Original Data ◽  
Third Party ◽  
Active System ◽  
Encrypted Data ◽  
Active User ◽  
User Data

Background: Cloud storage is generally used to provide on-demand services with sufficient scalability in an efficient network environment, and various encryption algorithms are typically applied to protect the data in the cloud. However, it is non-trivial to obtain the original data after encryption and efficient methods are needed to access the original data. Methods: In this paper, we propose a new user-controlled and efficient encrypted data sharing model in cloud storage. It preprocesses user data to ensure the confidentiality and integrity based on triple encryption scheme of CP-ABE ciphertext access control mechanism and integrity verification. Moreover, it adopts secondary screening program to achieve efficient ciphertext retrieval by using distributed Lucene technology and fine-grained decision tree. In this way, when a trustworthy third party is introduced, the security and reliability of data sharing can be guaranteed. To provide data security and efficient retrieval, we also combine active user with active system. Results: Experimental results show that the proposed model can ensure data security in cloud storage services platform as well as enhance the operational performance of data sharing. Conclusion: The proposed security sharing mechanism works well in an actual cloud storage environment.

scholarly journals Design and development of a secure certificateless proxy signature based (SE-CLPS) encryption scheme for cloud storage

2021 ◽  
Vol 10 (1) ◽  
pp. 57
Author(s):  
Ms. K. Sudharani ◽  
Dr. N. K. Sakthivel
Keyword(s):  
Computational Cost ◽  
Public Key Cryptography ◽  
True Positive Rate ◽  
Proxy Signature ◽  
Attack Detection ◽  
Third Party ◽  
Public Key ◽  
Secret Key ◽  
True Negative ◽  
The Public

Certificateless Public Key Cryptography (CL-PKC) scheme is a new standard that combines Identity (ID)-based cryptography and tradi- tional PKC. It yields better security than the ID-based cryptography scheme without requiring digital certificates. In the CL-PKC scheme, as the Key Generation Center (KGC) generates a public key using a partial secret key, the need for authenticating the public key by a trusted third party is avoided. Due to the lack of authentication, the public key associated with the private key of a user may be replaced by anyone. Therefore, the ciphertext cannot be decrypted accurately. To mitigate this issue, an Enhanced Certificateless Proxy Signature (E-CLPS) is proposed to offer high security guarantee and requires minimum computational cost. In this work, the Hackman tool is used for detecting the dictionary attacks in the cloud. From the experimental analysis, it is observed that the proposed E-CLPS scheme yields better Attack Detection Rate, True Positive Rate, True Negative Rate and Minimum False Positives and False Negatives than the existing schemes.   

Data Security Issues and Solutions in Cloud Computing

2016 ◽  
pp. 2076-2095
Author(s):  
Abhishek Majumder ◽  
Sudipta Roy ◽  
Satarupa Biswas
Keyword(s):  
Information Technology ◽  
Cloud Computing ◽  
Data Security ◽  
Cloud Service ◽  
Third Party ◽  
Service Availability ◽  
Cloud Environment ◽  
Cloud Service Provider ◽  
Storage And Retrieval ◽  
Security Issues

Cloud is considered as future of Information Technology. User can utilized the cloud on pay-as-you use basis. But many organizations are stringent about the adoption of cloud computing due to their concern regarding the security of the stored data. Therefore, issues related to security of data in the cloud have become very vital. Data security involves encrypting the data and ensuring that suitable policies are imposed for sharing those data. There are several data security issues which need to be addressed. These issues are: data integrity, data intrusion, service availability, confidentiality and non-repudiation. Many schemes have been proposed for ensuring data security in cloud environment. But the existing schemes lag in fulfilling all these data security issues. In this chapter, a new Third Party Auditor based scheme has been proposed for secured storage and retrieval of client's data to and from the cloud service provider. The scheme has been analysed and compared with some of the existing schemes with respect to the security issues. From the analysis and comparison it can be observed that the proposed scheme performs better than the existing schemes.

scholarly journals Perancangan Aplikasi Pengamanan Data Text Menggunakan Kombinasi Algoritma Hill Cipher Dan Algoritma RSA

2018 ◽  
Vol 10 (2) ◽  
Author(s):  
Yuza Reswan ◽  
Dedy Agung Prabowo
Keyword(s):  
Data Security ◽  
Classical Method ◽  
Modern Method ◽  
Public Key ◽  
Original Form ◽  
Secret Key ◽  
The Public ◽  
Rsa Algorithm ◽  
Hill Cipher ◽  
Modern Methods

ABSTRACTIt is now commonplace that secrecy must be truly enhanced and tightened as it weighs the emergence of the latest technology that is growing rapidly. Of course an agency, group, or individual have data that is confidential and do not want to be known by other parties hence the need for a system capable of securing the data. For this reason this research aims to create Cryptography application by applying a combination of Hill Cipher and RSA algorithm, Cryptography is also called coding language and I apply Hill Cipher because it is a classical method that uses multiplication for each encoded character while RSA is a modern method that has 2 keys ie key public and secret key where the public key is used for encryption and secret key to retranslate the original form. By applying a combination of classical and modern methods it can be more secure so it is more difficult to be solved by unwanted parties.Keyword : Data Security, Cryptography, Hill Cipher, RSAABSTRAKDi masa sekarang sudah menjadi hal yang biasa bahwa kerahasiaan harus benar – benar ditingkatkan dan diperketat karena menimbang kemunculan teknologi terbaru yang semakin pesat berkembang. Tentu sebuah Instansi, kelompok, ataupun individu memiliki data yang bersifat rahasia dan tidak ingin diketahui oleh pihak lain maka dari itu diperlukannya system yang mampu mengamankan data tersebut. Untuk itulah penelitian ini bertujuan membuat aplikasi Kriptografi dengan menerapkan kombinasi Algoritma Hill Cipher dan RSA, Kriptografi juga disebut bahasa persandian dan saya menerapkan Hill Cipher karena merupakan metode klasik yang menggunakan perkalian untuk tiap karakter yang disandikan sedangkan RSA adalah metode modern yang memiliki 2 kunci yaitu kunci publik dan kunci rahasia dimana kunci publik digunakan untuk penyandian dan kunci rahasia untuk menterjemahkan kembali k bentuk asli. Dengan menerapkan kombinasi metode klasik dan modern ini dapat lebih mengamankan sehingga lebih sulit untuk dapat di pecahkan oleh pihak – pihak yang tidak diinginkan.Kata Kunci : Pengamanan Data, Kriptografi, Hill Cipher, RSA.

scholarly journals Research Intuitions of Asymmetric Crypto System

2021 ◽  
Vol 12 (3) ◽  
pp. 5024-5033
Author(s):  
Rojasree V. Et. al.
Keyword(s):  
Data Exchange ◽  
Communication Channel ◽  
Public Key Cryptography ◽  
Public Key ◽  
Quantum Computers ◽  
Sensitive Information ◽  
Internet Communication ◽  
The Public ◽  
Pros And Cons ◽  
Almost All

The fast moving world full of data exchange and communication technology, with all sensitive information of an individual virtually available anywhere and anytime, make the Internet world more critical in security aspects. The areas of risks are attended and assured to be safe by means of some sought of crypto mechanisms. The strength and vulnerability of the crypto mechanism defines the durability of the system. The encryption on the communication channel can implement either public or private key algorithms based on the area of applications. The public key cryptography is specifically designed to keep the key itself safe between the sender and receiver themselves. There are plenty of public key cryptographic algorithms but only a few are renowned. This paper is aimed to collect all possible public key cryptographic methods and analyze its pros and cons so as to find a better algorithm to suite almost all conditions in Internet communication world and e-commerce. Research in quantum computers is booming now and it is anticipated that the supremacy of quantum computers will crack the present public key crypto algorithms. This paper highlights issues and challenges to be faced from quantum computing and draws the attention of network researchers to march towards researching on quantum-safe algorithms.

scholarly journals LogPicker: Strengthening Certificate Transparency Against Covert Adversaries

2021 ◽  
Vol 2021 (4) ◽  
pp. 184-202
Author(s):  
Alexandra Dirksen ◽  
David Klein ◽  
Robert Michael ◽  
Tilman Stehr ◽  
Konrad Rieck ◽  
...  
Keyword(s):  
Distributed System ◽  
Large Scale ◽  
Public Key Infrastructure ◽  
Third Party ◽  
Public Key ◽  
Smooth Transition ◽  
Certificate Authority ◽  
Trusted Third Party ◽  
The Public

Abstract HTTPS is a cornerstone of privacy in the modern Web. The public key infrastructure underlying HTTPS, however, is a frequent target of attacks. In several cases, forged certificates have been issued by compromised Certificate Authorities (CA) and used to spy on users at large scale. While the concept of Certificate Transparency (CT) provides a means for detecting such forgeries, it builds on a distributed system of CT logs whose correctness is still insufficiently protected. By compromising a certificate authority and the corresponding log, a covert adversary can still issue rogue certificates unnoticed. We introduce LogPicker, a novel protocol for strengthening the public key infrastructure of HTTPS. LogPicker enables a pool of CT logs to collaborate, where a randomly selected log includes the certificate while the rest witness and testify the certificate issuance process. As a result, CT logs become capable of auditing the log in charge independently without the need for a trusted third party. This auditing forces an attacker to control each participating witness, which significantly raises the bar for issuing rogue certificates. LogPicker is efficient and designed to be deployed incrementally, allowing a smooth transition towards a more secure Web.

Bitcoin

2020 ◽  
pp. 241-258
Author(s):  
Andreas Bolfing
Keyword(s):  
Elliptic Curve Cryptography ◽  
Peer To Peer ◽  
Third Party ◽  
Public Key ◽  
Cryptographic Primitives ◽  
The Public ◽  
A Chain ◽  
Basic Ideas ◽  
Electronic Coin ◽  
Electronic Payment System

Bitcoin was proposed by Nakamoto (2008) as the first electronic payment system, which fully relies on cryptographic primitives in order to work over a purely peer-to-peer system, where everyone can participate in spending funds to other users without the need for a trusted third party. This chapter first introduces the basic ideas of Satoshi Nakamoto, who defined an electronic coin as a chain of digital signatures. It explains how the addresses in Bitcoin are derived, and how the elliptic curve cryptography (ECC) key pair is used in order to transact funds from one user to another. For this, it shows how the transactions are constructed in Bitcoin, based on the most common transaction, which is the Pay-to-Public-Key-Hash transaction. The last section then shows how the transactions are permanently stored in the public ledger, the blockchain, and how the miners solve the Proof-of-Work in order to safeguard the records.

Key Authentication Scheme-based on Discrete Logarithms and Chinese Remainder Theorem

2016 ◽  
Vol 66 (6) ◽  
pp. 590
Author(s):  
P. Kumaraswamy ◽  
C.V. Guru Rao ◽  
V. Janaki ◽  
K.V.T.K.N. Prashanth
Keyword(s):  
Chinese Remainder Theorem ◽  
Authentication Scheme ◽  
Third Party ◽  
Public Key ◽  
Online Services ◽  
Trusted Third Party ◽  
Discrete Logarithms ◽  
The Public ◽  
Public Key Cryptosystems

<p>Public key cryptosystems are secure only when the authenticity of the public key is assured. Shao proposed<br />a new scheme to overcome the problems of the existing schemes, which suffers from two major drawbacks. The<br />first drawback is the availability of users’ passwords in plaintext format in key server which are prone to attacks<br />by ill-minded users. The second one is depending on the key server blindly for certificate generation, without<br />further verification by the user. To overcome these severe drawbacks, we proposed an improved key authentication<br />scheme based on Chinese remainder theorem and discrete logarithms. Our scheme allows the user to generate his/<br />her certificate without the help of any trusted third party. This scheme is intended for online services, military and<br />defense applications to exchange keys securely.<br /> </p>

Sign in / Sign up

Export Citation Format

Share Document