Cluster Computing, Volume 16, Issue 4, pp 845–859

Simultaneous authentication and secrecy in identity-based data upload to cloud

  • Bo Qin
  • Huaqun Wang
  • Qianhong Wu
  • Jianwei Liu
  • Josep Domingo-Ferrer
Article

Abstract

Most existing work on securing the cloud is devoted to remote integrity checking, search, and computing on encrypted data. In this paper, we deal with simultaneous authentication and secrecy when data are uploaded to the cloud. Observing that the cloud is most interesting to companies in which multiple authorized employees are allowed to upload data, we propose a general framework for secure data upload in an identity-based setting. We present and employ identity-based signcryption (IBSC) to meet this goal. Since it has been shown to be challenging to construct an IBSC scheme in the standard model, and most IBSC schemes are realized in the random oracle model, which is regarded as weak in capturing realistic adversaries, we propose a new IBSC scheme that simultaneously performs encryption and signature at a cost lower than the signature-then-encryption approach. The identity-based feature eliminates the complicated certificate management of signcryption schemes in the traditional public-key infrastructure (PKI) setting. Our IBSC scheme exploits Boneh et al.’s strongly unforgeable signature and Paterson et al.’s identity-based signature. The scheme is shown to satisfy semantic security and strong unforgeability. The security relies on the well-defined bilinear decision Diffie-Hellman (BDDH) assumption and the proof is given in the standard model. With our IBSC proposal, a secure data upload scheme is instantiated with simultaneous authentication and secrecy in a multi-user setting.

Keywords

Cloud Computing, Authentication, Secrecy, Bilinear pairings

References

  1. An, J.H., Dodis, Y., Rabin, T.: On the security of joint signature and encryption. In: Proceedings of EUROCRYPT’02, vol. 2332, pp. 83–107 (2002)
  2. Armknecht, F., Augot, D., Perret, L., Sadeghi, A.: On constructing homomorphic encryption schemes from coding theory. In: Proceedings of Cryptography and Coding—13th IMA International Conference, Oxford, UK, December 2011, pp. 23–40 (2011)
  3. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14(1), 12.1–12.34 (2011)
  4. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proc. of ACM CCS’07, pp. 598–609 (2007)
  5. Baek, J., Steinfeld, R., Zheng, Y.: Formal proofs for the security of signcryption. In: Proc. of PKC’02, vol. 2274, pp. 80–98 (2002)
  6. Baek, J., Steinfeld, R., Zheng, Y.: Formal proofs for the security of signcryption. J. Cryptol. 20(2), 203–235 (2007)
  7. Barreto, P.S.L.M., Libert, B., McCullagh, N., Quisquater, J.J.: Efficient and provably-secure identity based signatures and signcryption from bilinear maps. In: Proc. of ASIACRYPT’05, vol. 3788, pp. 515–532 (2005)
  8. Bellare, M., Shoup, S.: Two-tier signatures, strongly unforgeable signatures, and Fiat-Shamir without random oracles. In: Proc. of PKC’07, vol. 4450, pp. 201–216 (2007)
  9. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Proc. of ASIACRYPT’01, vol. 2248, pp. 514–532 (2011)
  10. Boneh, D., Shen, E., Waters, B.: Strongly unforgeable signatures based on computational Diffie-Hellman. In: Proc. of PKC’06, vol. 3958, pp. 229–240 (2006)
  11. Boyen, X.: Multipurpose identity based signcryption: a Swiss army knife for identity based cryptography. In: Proc. of CRYPTO’03, vol. 2792, pp. 383–399 (2003)
  12. Brakerski, Z., Vaikuntanathan, V.: Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Proc. of CRYPTO’11, vol. 6841, pp. 505–524 (2011)
  13. Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology. J. ACM 51(4), 557–594 (2004)
  14. Chatterjee, P., Sengupta, I., Ghosh, S.K.: STACRP: a secure trusted auction oriented clustering based routing protocol for MANET. Clust. Comput. 15, 303–320 (2012)
  15. Chen, L., Malone-Lee, J.: Improved identity-based signcryption. In: Proc. of PKC’05, vol. 3386, pp. 362–379 (2005)
  16. Chow, S.S.M., Yiu, S.M., Hui, L.C.K., Chow, K.P.: Efficient forward and provably secure ID-based signcryption scheme with public verifiability and public ciphertext authenticity. In: Proc. of ICISC’03, vol. 2971, pp. 352–369 (2004)
  17. Di Pietro, R., Blass, E.-O., Molva, R., Onen, M.: PRISM—privacy-preserving searches in MapReduce. In: Proc. of PET’02, vol. 7384, pp. 180–200 (2012)
  18. Fan, J., Zheng, Y., Tang, X.: Signcryption with non-interactive non-repudiation without random oracles. In: Transactions on Computational Science X, vol. 6340, pp. 202–230 (2010)
  19. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proc. of STOC 2009, pp. 169–178 (2009)
  20. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proc. of ACM CCS’06, pp. 89–98 (2006)
  21. Huang, Q., Wong, D.S., Li, J., Zhao, Y.: Generic transformation from weakly to strongly unforgeable signatures. J. Comput. Sci. Technol. 23(2), 240–252 (2008)
  22. Itani, W., Kayssi, A., Chehab, A.: SNUAGE: An Efficient Platform-as-a-service Security Framework for the Cloud. Cluster Comput. Accessed: 1 December (2012). Retrieved from: http://link.springer.com/article/10.1007%2Fs10586-012-0223-x
  23. Jin, Z.P., Wen, Q.Y., Du, H.Z.: An improved semantically-secure identity-based signcryption scheme in the standard model. Comput. Electr. Eng. 36(3), 545–552 (2010)
  24. Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Proc. of Financial Cryptography Workshops 2010. Lecture Notes in Computer Science, vol. 6054, pp. 136–149 (2010)
  25. Kim, I., Lee, D., Kim, K.J., Lee, J.: Flexible authorization in home network environments. Clust. Comput. 15, 3–15 (2012)
  26. Li, M., Yu, S., Cao, N., Lou, W.: Authorized private keyword search over encrypted data in cloud computing. In: Proc. of the 2011 31st International Conference on Distributed Computing Systems (ICDCS’11), pp. 383–392. IEEE Comput. Soc., Washington (2011)
  27. Libert, B., Quisquater, J.J.: A new identity based signcryption scheme from pairings. In: Proc. of IEEE Information Theory Workshop, Paris, France, pp. 155–158 (2003)
  28. Liu, Z.H., Hu, Y.P., Zhang, X.S., Ma, H.: Certificateless signcryption scheme in the standard model. Inf. Sci. 180(3), 452–464 (2010)
  29. Malone-Lee, J.: Identity Based Signcryption, Cryptology ePrint Archive. IACR Report 2002/098. Accessed: 1 December (2012). Retrieved from: http://eprint.iacr.org/2002/098.pdf
  30. Matsuda, T., Attrapadung, N., Hanaoka, G., Matsuura, K., Imai, H.: A CDH-based strongly unforgeable signature without collision resistant hash function. In: Proc. of International Conference on Provable Security. Lecture Notes in Computer Science, vol. 4784, pp. 68–84 (2007)
  31. Paterson, K.G., Schuldt, J.C.N.: Efficient identity-based signatures secure in the standard model. In: Proc. of ACISP’06. Lecture Notes in Computer Science, vol. 4058, pp. 207–222 (2006)
  32. Qin, B., Wang, H., Wu, Q., Liu, J., Domingo-Ferrer, J.: An identity based signcryption scheme in the standard model. In: Proc. of the 4-th International Conference on Intelligent Networking and Collaborative Systems—INCOS 2012, Bucharest, Romania, September 2012, pp. 606–611 (2012)
  33. Sadeghi, A.-R., Schneider, T., Winandy, M.: Token-based cloud computing. In: Proc. of TRUST’10, Berlin, Germany, June 2010, pp. 417–429 (2010)
  34. Wang, H.: Proxy Provable Data Possession in Public Clouds. IEEE Transactions on Services Computing. IEEE Computer Society Digital Library, 07 December (2012). http://doi.ieeecomputersociety.org/10.1109/TSC.2012.35
  35. Wang, H., Zhang, Y.: On the Knowledge Soundness of a Cooperative Provable Data Possession Scheme in Multicloud Storage. IEEE Trans. Parallel Distrib. Syst. PP(99), 1. doi:10.1109/TPDS.2013.16
  36. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Proc. of Eurocrypt’05. Lecture Notes in Computer Science, vol. 3494, pp. 457–473 (2005)
  37. Security Guidance for Critical Areas of Focus in Cloud Computing. Accessed: 12 November (2012). Retrieved from: www.cloudsecurityalliance.org
  38. Steinfeld, R., Pieprzyk, J., Wang, H.X.: How to strengthen any weakly unforgeable signature into a strongly unforgeable signature. In: Proc. of CT-RSA’07. Lecture Notes in Computer Science, vol. 4377, pp. 357–371 (2007)
  39. Wang, L.L., Zhang, G.Y., Ma, C.G.: A secure ring signcryption scheme for private and anonymous communication. In: Proc. of IFIP International Conference on Network and Parallel Computing—NPC Workshops 2007, Dalian, China, September 2007, pp. 107–111 (2007)
  40. Wu, Q., Mu, Y., Susilo, W., Qin, B., Domingo-Ferrer, J.: Asymmetric group key agreement. In: Proc. of EUROCRYPT’09, vol. 5479, pp. 153–170 (2009)
  41. Wu, Q., Qin, B., Zhang, L., Domingo-Ferrer, J., Farràs, O.: Bridging broadcast encryption and group key agreement. In: Proc. of ASIACRYPT’11. Lecture Notes in Computer Science, vol. 7073, pp. 143–160 (2011)
  42. Yu, Y., Yang, B., Sun, Y., Zhu, S.L.: Identity based signcryption scheme without random oracles. Comput. Stand. Interfaces 31(1), 56–62 (2009)
  43. Zhang, M., Li, P., Yang, B., Wang, H., Takagi, T.: Towards confidentiality of ID-based signcryption schemes under without random oracle model. In: Proc. of PAISI’10. Lecture Notes in Computer Science, vol. 6122, pp. 98–104 (2010)
  44. Zhang, G., Parashar, M.: Cooperative detection and protection against network attacks using decentralized information sharing. Clust. Comput. 13, 67–86 (2010)
  45. Zhang, B., Xu, Q.L.: An ID-based anonymous signcryption scheme for multiple receivers secure in the standard model. In: Proc. of AST/UCMA/ISA/ACN 2010. Lecture Notes in Computer Science, vol. 6059, pp. 15–27 (2010)
  46. Zhang, M., Yang, B., Takagi, T., Shen, Y., Zhang, W.: Fuzzy biometric signcryption scheme with bilinear pairings in the standard model. In: Proc. of PAISI’10. Lecture Notes in Computer Science, vol. 6122, pp. 77–87 (2010)
  47. Zheng, Y.: Digital signcryption or how to achieve cost (Signature & Encryption) ≤ Cost (Signature) + Cost (Encryption). In: Proc. of CRYPTO’97. Lecture Notes in Computer Science, vol. 1294, pp. 165–179 (1997)

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  • Bo Qin (1, 2)
  • Huaqun Wang (2, 3)
  • Qianhong Wu (2, 4)
  • Jianwei Liu (4)
  • Josep Domingo-Ferrer (2)

  1. School of Information, Renmin University of China, Beijing, P.R. China
  2. Department of Computer Engineering and Mathematics, UNESCO Chair in Data Privacy, Universitat Rovira i Virgili, Tarragona, Catalonia
  3. School of Information Engineering, Dalian Ocean University, Dalian, China
  4. School of Electronic and Information Engineering, Beihang University, Beijing, China
