Cryptographic enforcement of information flow policies without public information via tree partitions1

Crampton, Jason; Farley, Naomi; Gutin, Gregory; Jones, Mark; Poettering, Bertram

doi:10.3233/jcs-16863

Cited by 6 publications

(3 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…An assignment scheme with a hierarchical key was recently proposed [14]. Contrasting with some established schemes that generally encloses a single secret key and few public information to process the decryption process, the proposed system did not share any public information as it is based on access policy chain partitions.…”

Section: Related Workmentioning

confidence: 99%

EDES-ACM: Enigma Diagonal Encryption Standard Access Control Model for Data Security in Cloud Environment

Sameer¹,

Rohil²

2020

IJACSA

View full text Add to dashboard Cite

The data management across the different domains is the foremost requirement for many organizations universally. The organization establishes the cloud computing paradigm to handle the data effectively due to its robust scaling at a low cost. In recent times the usage of cloud and its data is increasing with the multiuser environments. This resulted in the issue of ensuring the security of data in the cloud environment uploaded by the owners. The cloud service providers and researchers implemented several schemes to ensure data security. However, the task of providing security with multiuser remains tedious with data leakage. A novel Enigmatic Diagonal Encryption Standard (EDES) algorithm to provide access control over the cloud is proposed. The framework with the proposed algorithm is named as EDES-ACM. The Inverse Decisional Diffie Hellman (IDDH) technique is used for generating the signature of the group. The data is encrypted with the EDES algorithm by the data owner. The encrypted data is provided to the user and is accessed by the EDES based private key. The group manager monitors the cloud and provides the activity report to owners based on which the revocation is performed. The framework is validated for its performance on security parameters and compared with the existing models on computation cost. The EDES-ACM framework is effective with low computation cost. The future notion for the proposed framework is to include the block chain technology that may improve the security and better accumulation of data.

show abstract

Section: Related Workmentioning

confidence: 99%

EDES-ACM: Enigma Diagonal Encryption Standard Access Control Model for Data Security in Cloud Environment

Sameer¹,

Rohil²

2020

IJACSA

View full text Add to dashboard Cite

show abstract

“…As a result, we can reduce the size of the encrypted information on the edges and only store them for any node v i such that there exists an edge (v i , v j ) ∈ E and v i is not the parent of v j and as such cannot deterministically derive the secret value S j by starting from its own secret value S i . With this optimization in place, our scheme is comparable to a tree-based hierarchical key assignment scheme [8] where we store the additional derivation keys as encrypted information on the edges instead of storing them as secrets within each node that requires them. Finally, if the key generation and derivation processes happen on the fly (i.e., when the entire process starts from the seed), then the only private storage required is proportional to the length of the initial seed S −1 , i.e., to the length of the security parameter λ.…”

Section: For Each Vertexmentioning

confidence: 99%

Arcula: A Secure Hierarchical Deterministic Wallet for Multi-asset Blockchains

Luzio¹,

Francati²,

Ateniese³

2019

Preprint

View full text Add to dashboard Cite

This work presents Arcula, a new design for hierarchical deterministic wallets that significantly improves the state of the art. Arcula is built on top of provably secure cryptographic primitives. It generates all its cryptographic secrets from a user-provided seed and enables the derivation of new signing public keys without requiring any secret information. Unlike other wallets, it achieves all these properties while being secure against privilege escalation. We prove that an attacker compromising an arbitrary number of users within an Arcula wallet cannot escalate his privileges and compromise users higher in the access hierarchy. Our design works out-of-the-box with any blockchain that enables the verification of signatures on arbitrary messages. We evaluate its usage in a real-world scenario on the Bitcoin Cash network.

show abstract

“…Another piece of work using a hierarchical key assignment scheme is recently proposed [7]. Unlike other relevant schemes that need a single secret and some public information to derive decryption keys, this system does not require publishing any public information for the key derivation operation in the lower down classes because it is based on the concept of chain partitions of the access policy.…”

Section: Introductionmentioning

confidence: 99%

Survey on Revocation in Ciphertext-Policy Attribute-Based Encryption

Al‐Dahhan

Shi

Lee

et al. 2019

Sensors

View full text Add to dashboard Cite

Recently, using advanced cryptographic techniques to process, store, and share datasecurely in an untrusted cloud environment has drawn widespread attention from academicresearchers. In particular, Ciphertext‐Policy Attribute‐Based Encryption (CP‐ABE) is a promising,advanced type of encryption technique that resolves an open challenge to regulate fine‐grainedaccess control of sensitive data according to attributes, particularly for Internet of Things (IoT)applications. However, although this technique provides several critical functions such as dataconfidentiality and expressiveness, it faces some hurdles including revocation issues and lack ofmanaging a wide range of attributes. These two issues have been highlighted by many existingstudies due to their complexity which is hard to address without high computational cost affectingthe resource‐limited IoT devices. In this paper, unlike other survey papers, existing single andmultiauthority CP‐ABE schemes are reviewed with the main focus on their ability to address therevocation issues, the techniques used to manage the revocation, and comparisons among themaccording to a number of secure cloud storage criteria. Therefore, this is the first review paperanalysing the major issues of CP‐ABE in the IoT paradigm and explaining the existing approachesto addressing these issues.

show abstract

Cryptographic enforcement of information flow policies without public information via tree partitions1

Cited by 6 publications

References 25 publications

EDES-ACM: Enigma Diagonal Encryption Standard Access Control Model for Data Security in Cloud Environment

EDES-ACM: Enigma Diagonal Encryption Standard Access Control Model for Data Security in Cloud Environment

Arcula: A Secure Hierarchical Deterministic Wallet for Multi-asset Blockchains

Survey on Revocation in Ciphertext-Policy Attribute-Based Encryption

Contact Info

Product

Resources

About