Abstract
Cryptography provides techniques that can be used to implement core security services such as confidentiality and data integrity. We review some fundamental cryptographic mechanisms and identify some of the limitations of traditional cryptography with respect to cloud computing environments. We then review a number of relatively new cryptographic tools that have the potential to provide the extended security functionality required by some cloud computing applications.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
ISO/IEC 18033-3:2010 Information technology – security techniques – encryption algorithms – Part 3: Block ciphers (2010)
Dworkin M (2001) Recommendation for block cipher modes of operation methods and techniques, National Institute of Standards and Technology special publication. National Institute of Standards and Technology, Gaithersburg
National Institute of Standards and Technology (2001) Advanced encryption standard (AES), Federal information processing standards publication, 197. National Institute of Standards and Technology, Gaithersburg, pp 311–441
ISO/IEC 18033-4:2011, Information technology – security techniques – encryption algorithms – Part 4: Stream ciphers, 2nd edn, (2011)
ISO/IEC 18033-2:2006 Information technology – security techniques – encryption algorithms – Part 2: Asymmetric ciphers (2006)
Dang Q (2008) Recommendation for applications using approved hash algorithms, National Institute of Standards and Technology special publication, 107. National Institute of Standards and Technology, Gaithersburg
ISO/IEC 9797-1:2011 Information technology – security techniques – message authentication codes (MACs) – Part 1: Mechanisms using a block cipher (2011)
National Institute of Standards and Technology (2009) Digital signature standard (DSS), Federal information processing standards publication, 186-2. National Institute of Standards and Technology, Gaithersburg, pp 1–119
ISO/IEC 19772:2009 Information technology – security techniques – authenticated encryption (2009)
Yung M, Dent AW, Zheng Y (2010) Practical signcryption. Springer Science & Business Media, Berlin
ISO/IEC 29150:2011 Information technology – security techniques – signcryption (2011)
Curtmola R, Garay J, Kamara S, Ostrovsky R (2011) Searchable symmetric encryption: improved definitions and efficient constructions. J Comput Secur 19:895–934
Bellare M, Boldyreva A, O’Neill A (2007) Deterministic and efficiently searchable encryption. In: Advances in cryptology – CRYPTO 2007. LNCS, vol 4622. Springer, Heidelberg, pp 535–552
Golle P, Staddon J, Waters B (2004) Secure conjunctive keyword search over encrypted data. In: Applied cryptography and network security, vol 3089, LNCS. Springer, Berlin/Heidelberg, pp 31–45
Cash D, Jarecki S, Jutla C, Krawczyk H, Rosu M-C, Steiner M (2013) Highly-scalable searchable symmetric encryption with support for boolean queries. In: Advances in cryptology – CRYPTO 2013, vol 8042, LNCS. Springer, Heidelberg, pp 353–373
Boneh D, Waters B (2007) Conjunctive, subset, and range queries on encrypted data. In: Theory of cryptography, vol 4392, LNCS. Springer, Berlin, pp 535–554
Popa R, Redfield C (2011) CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the twenty-third ACM symposium on operating systems principles. SOSP’11, pp 85–100
Li JLJ, Wang QWQ, Wang CWC, Cao NCN, Ren KRK, Lou WLW (2010) Fuzzy keyword search over encrypted data in cloud computing. In: INFOCOM, 2010 proceedings IEEE, pp 1–5
Boneh D, Kushilevitz E, Ostrovsky R, Skeith WE III (2007) Public key encryption that allows PIR queries. In: Advances in cryptology – CRYPTO 2007, vol 4622, LNCS. Springer, Berlin, pp 50–67
Gentry C (2009) A fully homomorphic encryption scheme. PhD thesis, Stanford University. Available from: crypto.stanford.edu/craig
Leontiadis I, Elkhyaoui K, Molva R (2014) Private and dynamic time-series data aggregation with trust relaxation. In: Cryptology and Network Security, vol 8813, LNCS. Springer, Berlin, pp 305–320
Agrawal R, Kiernan J, Srikant R, Xu Y (2004) Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD international conference on management of data. SIGMOD’04, pp 563–574
Boldyreva A, Chenette N, Lee Y, O’Neill A (2009) Order-preserving symmetric encryption. In: Advances in cryptology – EUROCRYPT 2009, vol 5479, LNCS. Springer, Berlin, pp 224–241
Wang C, Cao N, Li J, Ren K, Lou W (2010) Secure ranked keyword search over encrypted cloud data. In: Proceedings of Distributed Computing Systems (ICDCS), IEEE 30th International conference on, IEEE, pp 253–262
Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. In: Advances in cryptology – CRYPTO 2001, vol 2139, LNCS. Springer, Berlin, pp 213–229
Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Juels A, Wright R. di Vimercati SDC (eds) ACM conference on computer and communications security. ACM, New York, pp 89–98
Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Public key cryptography – PKC 2011, vol 6571, LNCS. Springer, Heidelberg, pp 53–70
Katz J, Sahai A, Waters B (2008) Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Advances in cryptology – EUROCRYPT 2008. Springer, Berlin, pp 146–162
Chung K-M, Kalai Y, Vadhan S (2010) Improved delegation of computation using fully homomorphic encryption. In: Advances in cryptology – CRYPTO 2010, vol 6223, LNCS. Springer, Berlin, pp 483–501
Barbosa M, Farshim P (2012) Delegatable homomorphic encryption with applications to secure outsourcing of computation. In: Topics in cryptology – CT-RSA 2012, vol 7178, LNCS. Springer, Berlin, pp 296–312
Parno B, Raykova M, Vaikuntanathan V (2012) How to delegate and verify in public: verifiable computation from attribute-based encryption. In: Theory of cryptography, vol 7194, LNCS. Springer, Berlin, pp 422–439
Parno B, Howell J, Gentry C, Raykova M (2013) Pinocchio: nearly practical verifiable computation. In: IEEE symposium on security and privacy. IEEE, pp 238–252
Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of the 14th ACM conference on computer and communications security, pp 598–609
Juels A, Kaliski BS Jr (2007) PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 584–597
Armknecht F, Bohli J-M, Karame GO, Liu Z, Reuter CA (2014) Outsourced proofs of retrievability. In: Proceedings of the 2014 ACM SIGSAC conference on computer and communications security. ACM, pp 831–843
Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of INFOCOM. IEEE, pp 1–9
Ateniese G, Fu K, Green M, Hohenberger S (2006) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inf Syst Secur 9:1–30
Pinkas B, Reinman T (2010) Oblivious RAM revisited. In: Advances in cryptology – CRYPTO 2010, vol 6223, LNCS. Springer, Berlin, pp 502–519
Bellare M, Ristenpart T, Rogaway P, Stegers T (2009) Format-preserving encryption. In: Selected areas in cryptography, vol 5867, LNCS. Springer, Boston, pp 295–312
Bellare M, Keelveedhi S, Ristenpart T (2013) Message-locked encryption and secure deduplication. In: Advances in cryptology – EUROCRYPT 2013, vol 7881, LNCS. Springer, Berlin, pp 296–312
Acknowledgements
This chapter was adapted from a review conducted as part of the European Union project H2020-644024 “CLARUS.” We would like to thank the following researchers who contributed to the initial deliverable: Monir Azraoui, Aida Calviño, Josep Domingo-Ferrer, Melek Önen, David Sánchez, Cédric Van Rompay, and Oriol Farràs Ventura.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Alderman, J., Crampton, J., Martin, K.M. (2015). Cryptographic Tools for Cloud Environments. In: Zhu, S., Hill, R., Trovati, M. (eds) Guide to Security Assurance for Cloud Computing. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-319-25988-8_2
Download citation
DOI: https://doi.org/10.1007/978-3-319-25988-8_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-25986-4
Online ISBN: 978-3-319-25988-8
eBook Packages: Computer ScienceComputer Science (R0)