Advertisement

Selective End-To-End Data-Sharing in the Cloud

  • Felix HörandnerEmail author
  • Sebastian Ramacher
  • Simon Roth
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11952)

Abstract

Cloud-based services enable easy-to-use data-sharing between multiple parties, and, therefore, have been widely adopted over the last decade. Storage services by large cloud providers such as Dropbox or Google Drive as well as federated solutions such as Nextcloud have amassed millions of users. Nevertheless, privacy challenges hamper the adoption of such services for sensitive data: Firstly, rather than exposing their private data to a cloud service, users desire end-to-end confidentiality of the shared files without sacrificing usability, e.g., without repeatedly encrypting when sharing the same data set with multiple receivers. Secondly, only being able to expose complete (authenticated) files may force users to expose overmuch information. The receivers, as well as the requirements, might be unknown at issue-time, and thus the issued data set does not exactly match those requirements. This mismatch can be bridged by enabling cloud services to selectively disclose only relevant parts of a file without breaking the parts’ authenticity. While both challenges have been solved individually, it is not trivial to combine these solutions and maintain their security intentions.

In this paper, we tackle this issue and introduce selective end-to-end data-sharing by combining ideas from proxy re-encryption and redactable signature schemes. Proxy re-encryption provides us with the basis for end-to-end encrypted data-sharing, while redactable signatures enable to redact parts and selectively disclose only the remaining still authenticated parts. We overcome the issues encountered when naively combining these two concepts, introduce a security model, and present a modular instantiation together with implementations based on a selection of various building blocks. We conclude with an extensive performance evaluation of our instantiation.

Keywords

Data-sharing End-to-end confidentiality Proxy re-encryption Redactable signatures 

Notes

Acknowledgments

This work was supported by the H2020 EU project credential under grant agreement number 653454.

Supplementary material

References

  1. 1.
    Ateniese, G., Benson, K., Hohenberger, S.: Key-private proxy re-encryption. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 279–294. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-00862-7_19CrossRefGoogle Scholar
  2. 2.
    Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. In: NDSS. The Internet Society (2005)Google Scholar
  3. 3.
    Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. 9(1), 1–30 (2006)CrossRefGoogle Scholar
  4. 4.
    Barbulescu, R., Duquesne, S.: Updating key size estimations for pairings. J. Cryptol. 32(4), 1298–1336 (2019)MathSciNetCrossRefGoogle Scholar
  5. 5.
    Barker, E.: SP 800–57. Recommendation for Key Management, Part 1: General (Rev 4). Technical report, National Institute of Standards & Technology (2016)Google Scholar
  6. 6.
    Blaze, M., Bleumer, G., Strauss, M.: Divertible protocols and atomic proxy cryptography. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 127–144. Springer, Heidelberg (1998).  https://doi.org/10.1007/BFb0054122CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Sahai, A., Waters, B.: Functional encryption: definitions and challenges. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 253–273. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-19571-6_16CrossRefGoogle Scholar
  8. 8.
    Brzuska, C., et al.: Redactable signatures for tree-structured data: definitions and constructions. In: Zhou, J., Yung, M. (eds.) ACNS 2010. LNCS, vol. 6123, pp. 87–104. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-13708-2_6CrossRefGoogle Scholar
  9. 9.
    Camenisch, J., Herreweghen, E.V.: Design and implementation of the idemix anonymous credential system. In: ACM CCS, pp. 21–30. ACM (2002)Google Scholar
  10. 10.
    Camenisch, J., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44987-6_7CrossRefGoogle Scholar
  11. 11.
    Camenisch, J., Lysyanskaya, A.: Dynamic accumulators and application to efficient revocation of anonymous credentials. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 61–76. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45708-9_5CrossRefGoogle Scholar
  12. 12.
    Canetti, R., Hohenberger, S.: Chosen-ciphertext secure proxy re-encryption. In: ACM CCS, pp. 185–194. ACM (2007)Google Scholar
  13. 13.
    Chandran, N., Chase, M., Liu, F.-H., Nishimaki, R., Xagawa, K.: Re-encryption, functional re-encryption, and multi-hop re-encryption: a framework for achieving obfuscation-based security and instantiations from lattices. In: Krawczyk, H. (ed.) PKC 2014. LNCS, vol. 8383, pp. 95–112. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-642-54631-0_6CrossRefGoogle Scholar
  14. 14.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–88 (1981)CrossRefGoogle Scholar
  15. 15.
    Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1030–1044 (1985)CrossRefGoogle Scholar
  16. 16.
    Chow, S.S.M., Weng, J., Yang, Y., Deng, R.H.: Efficient unidirectional proxy re-encryption. In: Bernstein, D.J., Lange, T. (eds.) AFRICACRYPT 2010. LNCS, vol. 6055, pp. 316–332. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-12678-9_19CrossRefGoogle Scholar
  17. 17.
    Demirel, D., Derler, D., Hanser, C., Pöhls, H.C., Slamanig, D., Traverso, G.: PRISMACLOUD D4.4: overview of functional and malleable signature schemes. Technical repoet, H2020 PRISMACLOUD (2015)Google Scholar
  18. 18.
    Derler, D., Hanser, C., Slamanig, D.: Revisiting cryptographic accumulators, additional properties and relations to other primitives. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 127–144. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-16715-2_7CrossRefGoogle Scholar
  19. 19.
    Derler, D., Hanser, C., Slamanig, D.: Revisiting cryptographic accumulators, additional properties and relations to other primitives. IACR ePrint 2015, 87 (2015)Google Scholar
  20. 20.
    Derler, D., Krenn, S., Lorünser, T., Ramacher, S., Slamanig, D., Striecks, C.: Revisiting proxy re-encryption: forward secrecy, improved security, and applications. In: Abdalla, M., Dahab, R. (eds.) PKC 2018. LNCS, vol. 10769, pp. 219–250. Springer, Cham (2018).  https://doi.org/10.1007/978-3-319-76578-5_8CrossRefGoogle Scholar
  21. 21.
    Derler, D., Krenn, S., Slamanig, D.: Signer-anonymous designated-verifier redactable signatures for cloud-based data sharing. In: Foresti, S., Persiano, G. (eds.) CANS 2016. LNCS, vol. 10052, pp. 211–227. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-48965-0_13CrossRefGoogle Scholar
  22. 22.
    Derler, D., Pöhls, H.C., Samelin, K., Slamanig, D.: A general framework for redactable signatures and new constructions. In: Kwon, S., Yun, A. (eds.) ICISC 2015. LNCS, vol. 9558, pp. 3–19. Springer, Cham (2016).  https://doi.org/10.1007/978-3-319-30840-1_1CrossRefzbMATHGoogle Scholar
  23. 23.
    Derler, D., Ramacher, S., Slamanig, D.: Homomorphic proxy re-authenticators and applications to verifiable multi-user data aggregation. In: Kiayias, A. (ed.) FC 2017. LNCS, vol. 10322, pp. 124–142. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-70972-7_7CrossRefGoogle Scholar
  24. 24.
    European Commission: Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union L119/59, May 2016Google Scholar
  25. 25.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM CCS, pp. 89–98. ACM (2006)Google Scholar
  26. 26.
    Hörandner, F., Krenn, S., Migliavacca, A., Thiemer, F., Zwattendorfer, B.: CREDENTIAL: a framework for privacy-preserving cloud-based data sharing. In: ARES, pp. 742–749. IEEE Computer Society (2016)Google Scholar
  27. 27.
    Johnson, R., Molnar, D., Song, D., Wagner, D.: Homomorphic signature schemes. In: Preneel, B. (ed.) CT-RSA 2002. LNCS, vol. 2271, pp. 244–262. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45760-7_17CrossRefGoogle Scholar
  28. 28.
    Krenn, S., Lorünser, T., Salzer, A., Striecks, C.: Towards attribute-based credentials in the cloud. In: Capkun, S., Chow, S.S.M. (eds.) CANS 2017. LNCS, vol. 11261, pp. 179–202. Springer, Cham (2018).  https://doi.org/10.1007/978-3-030-02641-7_9CrossRefGoogle Scholar
  29. 29.
    Kundu, A., Bertino, E.: Privacy-preserving authentication of trees and graphs. Int. J. Inf. Sec. 12(6), 467–494 (2013)CrossRefGoogle Scholar
  30. 30.
    Libert, B., Vergnaud, D.: Unidirectional chosen-ciphertext secure proxy re-encryption. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 360–379. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-78440-1_21CrossRefGoogle Scholar
  31. 31.
    Menezes, A., Sarkar, P., Singh, S.: Challenges with assessing the impact of NFS advances on the security of pairing-based cryptography. In: Phan, R.C.-W., Yung, M. (eds.) Mycrypt 2016. LNCS, vol. 10311, pp. 83–108. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-61273-7_5CrossRefGoogle Scholar
  32. 32.
    Nguyen, L.: Accumulators from bilinear pairings and applications. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 275–292. Springer, Heidelberg (2005).  https://doi.org/10.1007/978-3-540-30574-3_19CrossRefGoogle Scholar
  33. 33.
    Paquin, C., Zaverucha, G.: U-prove cryptographic specification v1.1 (revision 3). Technical report, Microsoft, December 2013Google Scholar
  34. 34.
    Pirretti, M., Traynor, P., McDaniel, P.D., Waters, B.: Secure attribute-based systems. In: ACM CCS, pp. 99–112. ACM (2006)Google Scholar
  35. 35.
    Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005).  https://doi.org/10.1007/11426639_27CrossRefGoogle Scholar
  36. 36.
    Samelin, K., Pöhls, H.C., Bilzhause, A., Posegga, J., de Meer, H.: Redactable signatures for independent removal of structure and content. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 17–33. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-29101-2_2CrossRefzbMATHGoogle Scholar
  37. 37.
    Steinfeld, R., Bull, L., Zheng, Y.: Content extraction signatures. In: Kim, K. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 285–304. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45861-1_22CrossRefGoogle Scholar
  38. 38.
    Weng, J., Deng, R.H., Ding, X., Chu, C., Lai, J.: Conditional proxy re-encryption secure against chosen-ciphertext attack. In: AsiaCCS, pp. 322–332. ACM (2009)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Felix Hörandner
    • 1
    Email author
  • Sebastian Ramacher
    • 2
  • Simon Roth
    • 1
  1. 1.Graz University of TechnologyGrazAustria
  2. 2.AIT Austrian Institute of TechnologyViennaAustria

Personalised recommendations