Advertisement

OBC Based Optimization of Re-encryption for Cryptographic Cloud Storage

  • Huidong QiaoEmail author
  • Jiangchun Ren
  • Zhiying Wang
  • Haihe Ba
  • Huaizhe Zhou
  • Tie Hong
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10048)

Abstract

In a cryptographic cloud storage system, it’s still very inefficient to revoke a user’s access right to a large file. This is because the ciphertext of the file, which is stored in the cloud, has to be decrypted and encrypted again under a new key (re-encryption), in order to prevent the revoked user from accessing the file with the previous key. For improving the performance of re-encryption operation, we propose orderly block chaining (OBC) encryption mode. In the decryption of a ciphertext produced by OBC, all blocks of ciphertext must be set in the correct position. Without the information about correct permutation order, it is infeasible for a user to decrypt any one of the blocks, even if he holds the encryption key. Thus, the file, which is encrypted by OBC, can be re-encrypted by just re-permuting the sequence of ciphertext blocks in another order. Experimental results show that OBC based optimization can sharply cut down the cost of re-encryption, while keeping the security of the data.

Keywords

Re-encryption Encryption mode Cryptographic cloud storage 

References

  1. 1.
    Kamara, S., Lauter, K.: Cryptographic cloud storage. In: 14th Financial Cryptograpy and Data Security International Conference, pp. 136–149 (2010)Google Scholar
  2. 2.
    Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy, pp. 321–334 (2007)Google Scholar
  3. 3.
    Castiglione, A., De Santis, A., Masucci, B., Palmieri, F., Castiglione, A., Huang, X.: Cryptographic hierarchical access control for dynamic structures. IEEE Trans. Inf. Forensic Secur. 11(10), 2349–2364 (2016)CrossRefzbMATHGoogle Scholar
  4. 4.
    Ostrovsky, R., Sahai, A., Waters, B.: Attribute-based encryption with non-monotonic access structures. In: 14th ACM Conference on Computer and Communications Security, pp. 195–203 (2007)Google Scholar
  5. 5.
    Backes, M., Cachin, C., Oprea, A.: Lazy revocation in cryptographic file systems. In: 3rd IEEE International Security in Storage Workshop, pp. 1–11 (2005)Google Scholar
  6. 6.
    Di Vimercati, S.D.C., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Over-encryption: management of access control evolution on outsourced data. In: Proceedings of the 33rd International Conference on Very Large Data Bases, pp. 123–134 (2007)Google Scholar
  7. 7.
    Syalim, A., Nishide, T., Sakurai, K.: Realizing proxy re-encryption in the symmetric world. In: International Conference on Informatics Engineering and Information Science, pp. 259–274 (2011)Google Scholar
  8. 8.
    Rivest, R.L.: All-or-nothing encryption and the package transform. In: 4th International Workshop on Fast Software Encryption, pp. 210–218 (1997)Google Scholar
  9. 9.
    Cheng, Y., Wang, Z.-Y., Ma, J., Wu, J.-J., Mei, S.-Z., Ren, J.-C.: Efficient revocation in ciphertext-policy attribute-based encryption based cryptographic cloud storage. J. Zhejiang Univ. Sci. C 14(2), 85–97 (2013)CrossRefGoogle Scholar
  10. 10.
    Rabin, M.O.: Efficient dispersal of information for security, load balancing, and fault tolerance. J. ACM 36(2), 335–348 (1989)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Samanthula, B.K., Howser, G., Elmehdwi, Y., Madria, S.: An efficient and secure data sharing framework using homomorphic encryption in the cloud. In: 1st International Workshop on Cloud Intelligence (2012)Google Scholar
  12. 12.
    Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.: Introduction to Algorithms: Third edition (2009)Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Huidong Qiao
    • 1
    • 2
    Email author
  • Jiangchun Ren
    • 1
  • Zhiying Wang
    • 1
  • Haihe Ba
    • 1
  • Huaizhe Zhou
    • 1
  • Tie Hong
    • 1
  1. 1.College of ComputerNational University of Defense TechnologyChangshaChina
  2. 2.College of Computer and CommunicationHunan Institute of EngineeringXiangtanChina

Personalised recommendations