Time-bound key-aggregate encryption for cloud storage

Handling huge loads of data that are subject to change within every second, cloud storage services are facing the challenge of properly dealing with the problem of user legality management while making sure that the services are conveniently user-friendly. Ideally, the concept of attribute-based encryption should be applied, meaning that data should be able to be encrypted using some specific attributes before it is uploaded to cloud, so that fine access control is possible. However, in a traditional attribute-based encryption scheme, the user typically needs to have different attribute-based keys for the decryption of various pieces of data downloaded, which really is a lot of trouble. To solve this problem, the idea of key-aggregate cryptosystem has been brought up. With key-aggregate cryptosystem, the user gets to use one single aggregate key to decrypt data that match all the attributes specified by the user. In addition, in some cases of cloud data usage, we as users might not exactly want to share our cloud data with others 24h a day and for as long as it gets. Therefore, in this paper, we shall propose a time-bound key-aggregate encryption scheme for cloud storage, together with the results of some comparisons as well as correctness and security analyses we have made to prove the superiority of our new scheme over related works. Not only will our new scheme take the burden of maintaining the attribute-based keys off the user, but it will also provide satisfactory confidentiality and security for cloud data in a more efficient way. Copyright © 2016 John Wiley & Sons, Ltd.

[1]  Elisa Bertino,et al.  An Efficient Time-Bound Hierarchical Key Management Scheme for Secure Broadcasting , 2008, IEEE Transactions on Dependable and Secure Computing.

[2]  Cheng-Chi Lee,et al.  An extended chaotic-maps-based protocol with key agreement for multiserver environments , 2013, Nonlinear Dynamics.

[3]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[4]  Jie Wu,et al.  Secure and privacy preserving keyword searching for cloud storage services , 2012, J. Netw. Comput. Appl..

[5]  Antoine Joux,et al.  Separating Decision Diffie–Hellman from Computational Diffie–Hellman in Cryptographic Groups , 2003, Journal of Cryptology.

[6]  Latha Tamilselvan,et al.  Data Integrity Proof and Secure Computation in Cloud Computing , 2012 .

[7]  Cheng-Chi Lee,et al.  A Survey on Attribute-based Encryption Schemes of Access Control in Cloud Environments , 2013, Int. J. Netw. Secur..

[8]  Cheng-Chi Lee,et al.  A two-factor authentication scheme with anonymity for multi-server environments , 2015, Secur. Commun. Networks.

[9]  Hung-Min Sun,et al.  An Efficient Time-Bound Hierarchical Key Management Scheme without Tamper-Resistant Devices , 2012, 2012 International Conference on Computing, Measurement, Control and Sensor Network.

[10]  Li Xu,et al.  Data dynamics for remote data possession checking in cloud storage , 2013, Comput. Electr. Eng..

[11]  Jie Wu,et al.  An Efficient Privacy Preserving Keyword Search Scheme in Cloud Computing , 2009, 2009 International Conference on Computational Science and Engineering.

[12]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[13]  Yiming Ye,et al.  Security of Tzeng's Time-Bound Key Assignment Scheme for Access Control in a Hierarchy , 2003, IEEE Trans. Knowl. Data Eng..

[14]  Jie Wu,et al.  Time-based proxy re-encryption scheme for secure data sharing in a cloud environment , 2014, Inf. Sci..

[15]  Brian King A Dynamic Threshold Decryption Scheme Using Bilinear Pairings , 2015, Int. J. Netw. Secur..

[16]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[17]  Martín Abadi,et al.  A logic of authentication , 1990, TOCS.

[18]  Ming Zhao,et al.  Fault-tolerant Verifiable Keyword Symmetric Searchable Encryption in Hybrid Cloud , 2015, Int. J. Netw. Secur..

[19]  Ze-mao Zhao ID-based Weak Blind Signature From Bilinear Pairings , 2008, Int. J. Netw. Secur..

[20]  Naveen K. Chilamkurti,et al.  A secure temporal-credential-based mutual authentication and key agreement scheme with pseudo identity for wireless sensor networks , 2015, Inf. Sci..

[21]  Cong Wang,et al.  Dynamic Data Operations with Deduplication in Privacy-Preserving Public Auditing for Secure Cloud Storage , 2017, 22017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC).

[22]  Cheng-Chi Lee,et al.  A new three-party-authenticated key agreement scheme based on chaotic maps without password table , 2014, Nonlinear Dynamics.

[23]  Yuqing Zhang,et al.  Mona: Secure Multi-Owner Data Sharing for Dynamic Groups in the Cloud , 2013, IEEE Transactions on Parallel and Distributed Systems.

[24]  Sherali Zeadally,et al.  Authentication protocol for an ambient assisted living system , 2015, IEEE Communications Magazine.

[25]  Hung-Min Sun,et al.  On the Security of an Efficient Time-Bound Hierarchical Key Management Scheme , 2009, IEEE Transactions on Dependable and Secure Computing.

[26]  Jie Wu,et al.  Hierarchical attribute-based encryption for fine-grained access control in cloud storage services , 2010, CCS '10.

[27]  Robert H. Deng,et al.  Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage , 2014, IEEE Transactions on Parallel and Distributed Systems.

[28]  Cong Wang,et al.  Achieving Secure, Scalable, and Fine-grained Data Access Control in Cloud Computing , 2010, 2010 Proceedings IEEE INFOCOM.

[29]  Victor R. L. Shen,et al.  A time- bound hierarchical access control for multicast systems , 2012, 2012 International Conference on Machine Learning and Cybernetics.

[30]  Cheng-Chi Lee,et al.  Robust anonymous authentication protocol for health-care applications using wireless medical sensor networks , 2013, Multimedia Systems.

[31]  Jin Li,et al.  Privacy-preserving data utilization in hybrid clouds , 2014, Future Gener. Comput. Syst..

[32]  Jin Wang,et al.  Mutual Verifiable Provable Data Auditing in Public Cloud Storage , 2015 .

[33]  I-En Liao,et al.  Efficient Identity-Based Key Management for Configurable Hierarchical Cloud Computing Environment , 2011, 2011 IEEE 17th International Conference on Parallel and Distributed Systems.

[34]  Zhenfu Cao,et al.  Group Oriented Identity-based Deniable Authentication Protocol from the Bilinear Pairings , 2007, Int. J. Netw. Secur..

[35]  Xun Yi,et al.  Security of Chien's efficient time-bound hierarchical key assignment scheme , 2005, IEEE Transactions on Knowledge and Data Engineering.

[36]  Saswati Mukherjee,et al.  Metadata Driven Efficient Key Generation and Distribution in Cloud Security , 2014, J. Comput. Sci..

[37]  Yi Mu,et al.  Identity-based data storage in cloud computing , 2013, Future Gener. Comput. Syst..

[38]  Hung-Yu Chen,et al.  Efficient time-bound hierarchical key assignment scheme , 2004 .

[39]  Stefan Katzenbeisser,et al.  Distributed Attribute-Based Encryption , 2009, ICISC.

[40]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[41]  Cheng-Chi Lee,et al.  Cryptanalysis of a secure and efficient authentication protocol for anonymous channel in wireless communications , 2012, Secur. Commun. Networks.

[42]  Antoine Joux,et al.  A One Round Protocol for Tripartite Diffie–Hellman , 2000, Journal of Cryptology.

[43]  Wen-Guey Tzeng,et al.  A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy , 2002, IEEE Trans. Knowl. Data Eng..

[44]  Chun-I Fan,et al.  Controllable privacy preserving search based on symmetric predicate encryption in cloud storage , 2013, Future Gener. Comput. Syst..

[45]  Ahmad-Reza Sadeghi,et al.  Twin Clouds: An Architecture for Secure Cloud Computing , 2011 .

[46]  Cheng-Chi Lee,et al.  A dynamic identity-based user authentication scheme for remote login systems , 2015, Secur. Commun. Networks.

[47]  Sherali Zeadally,et al.  Certificateless Public Auditing Scheme for Cloud-Assisted Wireless Body Area Networks , 2018, IEEE Systems Journal.

[48]  Jie Wu,et al.  Hierarchical attribute-based encryption and scalable user revocation for sharing data in cloud servers , 2011, Comput. Secur..

[49]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[50]  Yang Gao,et al.  Secure cloud storage based on cryptographic techniques , 2012 .

[51]  Hyunsoo Yoon,et al.  Secure and efficient data retrieval over encrypted data using attribute-based encryption in cloud storage , 2013, Comput. Electr. Eng..

[52]  Jie Wu,et al.  Achieving fine‐grained access control for secure data sharing on cloud servers , 2011, Concurr. Comput. Pract. Exp..