Who Is Touching My Cloud

Deng, Haoran; Wu, Qianhong; Qin, Bo; Mao, Jian; Liu, Xiao; Zhang, Lei; Shi, Wenchang

doi:10.1007/978-3-319-11203-9_21

Cited by 26 publications

(10 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Very recently, Liu et al [28] refined this technique with chameleon hash to convert a CPA-secure attribute-based encryption (ABE) scheme into a CCA2-secure ABE scheme. Deng et al [15,16] shows how to trace compromised secret keys in IBE and ABE systems.…”

Section: Identity-based Encryptionmentioning

confidence: 99%

Practical chosen-ciphertext secure Hierarchical Identity-Based Broadcast Encryption

Liu

et al. 2015

Int. J. Inf. Secur.

Self Cite

View full text Add to dashboard Cite

We focus on practical Hierarchical IdentityBased Broadcast Encryption (HIBBE) with semantic security against adaptively chosen-ciphertext attacks (CCA2) in the standard model. We achieve this goal in two steps. First, we propose a new HIBBE scheme that is secure against chosenplaintext attacks (CPA). Compared with the existing HIBBE scheme that is built from composite-order bilinear groups, our construction is based on prime-order bilinear groups. The much better efficiency of group operations in prime-order bilinear groups makes our proposed HIBBE scheme more practical. Then, we convert it into a CCA2-secure scheme at the cost of a one-time signature. Instead of extending one user hierarchy in the Canetti-Halevi-Katz approach from CPA-secure (l + 1)-Hierarchical Identity-Based Encryption [(l + 1)-HIBE] to CCA2-secure l-HIBE, our construction merely adds one on-the-fly dummy user in the basic scheme. B Qianhong WuWe formally prove the security of these two schemes in the standard model. Comprehensive theoretical analyses and experimental results demonstrate that the proposed HIBBE schemes achieve desirable performance.

show abstract

Section: Identity-based Encryptionmentioning

confidence: 99%

Practical chosen-ciphertext secure Hierarchical Identity-Based Broadcast Encryption

Liu

et al. 2015

Int. J. Inf. Secur.

Self Cite

View full text Add to dashboard Cite

show abstract

“…Liu et al [28] enhanced chosen-plaintext secure ABE with adaptively chosen ciphertext security at a marginal cost. The leakage tracing mechanism was further realized in cloud storage with ABE for fine-grained access control [13].…”

Section: Related Workmentioning

confidence: 99%

Asymmetric Cross-cryptosystem Re-encryption Applicable to Efficient and Secure Mobile Access to Outsourced Data

Deng

Qin

et al. 2015

Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

With the increasing development of pervasive computing and wireless bandwidth communication, more mobile devices are used to access sensitive data stored in remote servers. In such applications, a practical issue emerges such as how to exploit the sufficient resource of a server so that the file owners can enforce fine-grained access control over the remotely stored files, while enable resource-limited mobile devices to easily access the protected data, especially if the storage server maintained by a third party is untrusted. This challenge mainly arises from the asymmetric capacity among the participants, i.e., the capacity limited mobile devices and the resource abundant server (and file owners equipped with fixed computers). To meet the security requirements in mobile access to sensitive data, we propose a new encryption paradigm, referred to as asymmetric cross-cryptosystem reencryption (ACCRE) by leveraging the asymmetric capacity of the participants. In ACCRE, relatively light-weight identity-based encryption (IBE) is deployed in mobile devices, while resource-consuming but versatile identity-based broadcast encryption (IBBE) is deployed in servers and fixed computers of the file owners. The core of ACCRE is a novel ciphertext conversion mechanism that allows an authorized proxy to convert a complicated IBBE ciphertext into a simple IBE ciphertext affordable to mobile devices, without leaking any sensitive information to the proxy. Following this paradigm, we propose an efficient ACCRE scheme with its security formally reduced to the security of the underlying IBE and IBBE schemes. Thorough theoretical analyses and extensive experiments confirm that the scheme takes Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from permissions@acm.org. ASIA CCS'very small cost for mobile devices to access encrypted data and is practical to secure mobile computing applications.

show abstract

“…However, this remote storage paradigm also brings security concerns about integrity and privacy over the outsourced files [25,7]. To address the integrity concern, a number of cryptographic concepts have been introduced, for example, Proofs of Storage [3], Provable Data Possession (PDP) [1] and Proofs of Retrievability (PoR) [11].…”

Section: Introductionmentioning

confidence: 99%

Group-oriented Proofs of Storage

Wang

Qin

et al. 2015

Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

We introduces and formalizes the notion of group-oriented proofs of storage (GPoS). In GPoS, each file owner, after being authorized as a member by a group manager, can outsource files to a group storage account maintained by an untrusted party, for example, a cloud storage server, while anyone can efficiently verify the integrity of the remotely stored files without seeing the files. The file owner's identity privacy is preserved against the cloud server while the group manager can trace the one who outsourced any suspicious file for liability investigation. By novelly identifying and exploiting several useful properties, that is, homomorphic composability and homomorphic verifiability in some signatures, we propose a generic GPoS construction relying on the security of the underlying signature scheme and the hardness of the computational Diffie-Hellman (CDH) problem. Following the generic construction, we instantiate a concrete GPoS scheme with the well-known Boneh-Boyen short signature. By leveraging the polynomial commitment technique, the proposed GPoS proposal is optimized with constant-size bandwidth consumption in proof of storage by the cloud server. Theoretical analyses and comparisons show that our GPoS proposal is advantageous over existing PoSlike schemes in user privacy, public audibility and/or performance in a multi-user setting.

show abstract

Who Is Touching My Cloud

Cited by 26 publications

References 21 publications

Practical chosen-ciphertext secure Hierarchical Identity-Based Broadcast Encryption

Practical chosen-ciphertext secure Hierarchical Identity-Based Broadcast Encryption

Asymmetric Cross-cryptosystem Re-encryption Applicable to Efficient and Secure Mobile Access to Outsourced Data

Group-oriented Proofs of Storage

Contact Info

Product

Resources

About