While Mobile Encounters with Clouds

  • Man Ho Au
  • Kaitai LiangEmail author
  • Joseph K. Liu
  • Rongxing Lu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9955)


To date the considerable computation and storage power of clouds that have attracted great attention from mobile users and mobile service providers over the past few years. The convergence of mobile devices and clouds that leads to a brand new era of could-based mobile applications. It brings long-listed advantages for mobile users to get rid of the constraints of mobile devices (including limited mobile memory, data processing ability and battery). However, mobile clouds yield new security and privacy risks in open network setting. This survey paper attempts to introduce security risks on mobile clouds in the view point of applied cryptography.


Mobile Device Mobile User Advance Encryption Standard Cloud Service Provider Mobile Cloud 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



K. Liang is supported by privacy-aware retrieval and modelling of genomic data (No. 13283250), the Academy of Finland.


  1. 1.
    Announcing the Advanced Encryption Standard (AES). Federal Information Processing Standards Publication 197. United States National Institute of Standards and Technology (NIST), 26 November 2001. Accessed 2 Oct 2012Google Scholar
  2. 2.
    Acar, T., Belenkiy, M., Küpçü, A.: Single password authentication. Comput. Netw. 57(13), 2597–2614 (2013)CrossRefGoogle Scholar
  3. 3.
    Albrecht, M.R., Rechberger, C., Schneider, T., Tiessen, T., Zohner, M.: Ciphers for MPC and FHE. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 430–454. Springer, Heidelberg (2015)Google Scholar
  4. 4.
  5. 5.
    Ateniese, G., Burns, R.C., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z.N.J., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14(1), 12 (2011)CrossRefGoogle Scholar
  6. 6.
    Berson, Thomas, A.: Differential cryptanalysis mod 232 with applications to MD5. In: Rueppel, Rainer A. (ed.) EUROCRYPT 1992. LNCS, pp. 71–80. Springer, Heidelberg (1993). doi: 10.1007/3-540-47555-9_6 Google Scholar
  7. 7.
    Bhattasali, T., Saeed, K., Chaki, N., Chaki, R.: A survey of security and privacy issues for biometrics based remote authentication in cloud. In: Saeed, K., Snášel, V. (eds.) CISIM 2014. LNCS, vol. 8838, pp. 112–121. Springer, Heidelberg (2014)Google Scholar
  8. 8.
    Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Cash, D., Jaeger, J., Jarecki, S., Jutla, C.S., Krawczyk, H., Rosu, M.-C., Steiner, M.: Dynamic searchable encryption in very-large databases: data structures and implementation. In: 21st Annual Network and Distributed System Security Symposium, NDSS 2014, San Diego, California, USA, 23–26 February 2014. The Internet Society (2014)Google Scholar
  10. 10.
    Cash, D., Küpçü, A., Wichs, D.: Dynamic proofs of retrievability via oblivious RAM. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 279–295. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  11. 11.
  12. 12.
    Chen, J., Guihua, W., Shen, L.L., Ji, Z.: Differentiated security levels for personal identifiable information in identity management system. Expert Syst. Appl. 38(11), 14156–14162 (2011)Google Scholar
  13. 13.
    Chow, R., Jakobsson, M., Masuoka, R., Molina, J., Niu, Y., Shi, E., Song, Z.: Authentication in the clouds: a framework and its application to mobile users. In: Perrig, A., Sion, R. (eds.) Proceedings of the 2nd ACM Cloud Computing Security Workshop, CCSW 2010, Chicago, IL, USA, 8 October 2010, pp. 1–6. ACM (2010)Google Scholar
  14. 14.
    Cui, H., Yuan, X., Wang, C.: Harnessing encrypted data in cloud for secure and efficient image sharing from mobile devices. In: 2015 IEEE Conference on Computer Communications, INFOCOM 2015, Kowloon, Hong Kong, 26 April – 1 May 2015, pp. 2659–2667. IEEE (2015)Google Scholar
  15. 15.
    Do, Q., Martini, B., Choo, K.-K.R.: Exfiltrating data from android devices. Comput. Secur. 48, 74–91 (2015)CrossRefGoogle Scholar
  16. 16.
    Erway, C.C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. ACM Trans. Inf. Syst. Secur. 17(4), 15 (2015)CrossRefGoogle Scholar
  17. 17.
    El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Inf. Theory 31(4), 469–472 (1985)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Juels, A., Wright, R.N., De Capitani di Vimercati, S. (eds.) ACM Conference on Computer and Communications Security, pp. 89–98. ACM (2006)Google Scholar
  19. 19.
    Khan, A.N., Mat Kiah, M.L., Khan, S.U., Madani, S.A.: Towards secure mobile cloud computing a survey. Future Gener. Comput. Syst. 29(5), 1278–1299 (2013)CrossRefGoogle Scholar
  20. 20.
    Khan, W.Z., Aalsalem, M.Y., Xiang, Y.: A graphical password based system for small mobile devices. CoRR, abs/1110.3844 (2011)Google Scholar
  21. 21.
    Kim, M., Hongil, J., Kim, Y., Park, J., Park, Y.: Design and implementation of mobile trusted module for trusted mobile computing. IEEE Trans. Consum. Electron. 56(1), 134–140 (2010)CrossRefGoogle Scholar
  22. 22.
    Li, J., Ma, R., Guan, H.: TEES: an efficient search scheme over encrypted data on mobile cloud. IEEE Trans. Cloud Comput. 1, 1 (2015)Google Scholar
  23. 23.
    Liang, K., Susilo, W., Liu, J.K.: Privacy-preserving ciphertext multi-sharing control for big data storage. IEEE Trans. Inf. Forensics Secur. 10(8), 1578–1589 (2015)CrossRefGoogle Scholar
  24. 24.
    Liu, J.K., Au, M.H., Susilo, W., Liang, K., Lu, R., Srinivasan, B.: Secure sharing and searching for real-time video data in mobile cloud. IEEE Netw. 29(2), 46–50 (2015)CrossRefGoogle Scholar
  25. 25.
    Ohata, S., Kawai, Y., Matsuda, T., Hanaoka, G., Matsuura, K.: Re-encryption verifiability: how to detect malicious activities of a proxy in proxy re-encryption. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 410–428. Springer, Heidelberg (2015)Google Scholar
  26. 26.
    Paar, C., Pelzl, J.: The data encryption standard (DES) and alternatives. Understanding Cryptography, pp. 55–86. Springer, Germany (2000)Google Scholar
  27. 27.
    Pointcheval, D., Zimmer, S.: Multi-factor authenticated key exchange. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 277–295. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  28. 28.
  29. 29.
    BBC Technology. FBI investigates ‘cloud’ celebrity picture leaks.
  30. 30.
    Waters, B.: Functional encryption for regular languages. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 218–235. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  31. 31.
    Xi, K., Ahmad, T., Han, F., Jiankun, H.: A fingerprint based bio-cryptographic security protocol designed for client/server authentication in mobile computing environment. Secur. Commun. Netw. 4(5), 487–499 (2011)CrossRefGoogle Scholar
  32. 32.
    Yang, K., Jia, X.: An efficient and secure dynamic auditing protocol for data storage in cloud computing. IEEE Trans. Parallel Distrib. Syst. 24(9), 1717–1726 (2013)CrossRefGoogle Scholar
  33. 33.
    Yassin, A.A., Jin, H., Ibrahim, A., Qiang, W., Zou, D.: Cloud authentication based on anonymous one-time password. In: Han, Y.-H., Park, D.-S., Jia, W., Yeo, S.-S. (eds.) Ubiquitous Information Technologies and Applications. Lecture Notes in Electrical Engineering, vol. 214, pp. 423–431. Springer, Netherlands (2013)CrossRefGoogle Scholar
  34. 34.
    Zheng, Q., Shouhuai, X.: Secure and efficient proof of storage with deduplication. In: Bertino, E., Sandhu, R.S. (eds.) Second ACM Conference on Data and Application Security and Privacy, CODASPY 2012, San Antonio, TX, USA, 7–9 February 2012, pp. 1–12. ACM (2012)Google Scholar
  35. 35.
    Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583–592 (2012)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Man Ho Au
    • 1
  • Kaitai Liang
    • 2
    Email author
  • Joseph K. Liu
    • 3
  • Rongxing Lu
    • 4
  1. 1.Department of ComputingHong Kong Polytechnic UniversityKowloonHong Kong
  2. 2.Department of Computer ScienceAalto UniversityEspooFinland
  3. 3.Faculty of Information TechnologyMonash UniversityMelbourneAustralia
  4. 4.Faculty of Computer ScienceUniversity of New BrunswickFrederictonCanada

Personalised recommendations