Skip to main content
SpringerLink
Log in
Book cover

Guide to Security Assurance for Cloud Computing pp 15–30Cite as

Cryptographic Tools for Cloud Environments

  • Chapter
  • First Online:

Part of the book series: Computer Communications and Networks ((CCN))

Abstract

Cryptography provides techniques that can be used to implement core security services such as confidentiality and data integrity. We review some fundamental cryptographic mechanisms and identify some of the limitations of traditional cryptography with respect to cloud computing environments. We then review a number of relatively new cryptographic tools that have the potential to provide the extended security functionality required by some cloud computing applications.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   54.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. ISO/IEC 18033-3:2010 Information technology – security techniques – encryption algorithms – Part 3: Block ciphers (2010)

    Google Scholar 

  2. Dworkin M (2001) Recommendation for block cipher modes of operation methods and techniques, National Institute of Standards and Technology special publication. National Institute of Standards and Technology, Gaithersburg

    Book  Google Scholar 

  3. National Institute of Standards and Technology (2001) Advanced encryption standard (AES), Federal information processing standards publication, 197. National Institute of Standards and Technology, Gaithersburg, pp 311–441

    Google Scholar 

  4. ISO/IEC 18033-4:2011, Information technology – security techniques – encryption algorithms – Part 4: Stream ciphers, 2nd edn, (2011)

    Google Scholar 

  5. ISO/IEC 18033-2:2006 Information technology – security techniques – encryption algorithms – Part 2: Asymmetric ciphers (2006)

    Google Scholar 

  6. Dang Q (2008) Recommendation for applications using approved hash algorithms, National Institute of Standards and Technology special publication, 107. National Institute of Standards and Technology, Gaithersburg

    Google Scholar 

  7. ISO/IEC 9797-1:2011 Information technology – security techniques – message authentication codes (MACs) – Part 1: Mechanisms using a block cipher (2011)

    Google Scholar 

  8. National Institute of Standards and Technology (2009) Digital signature standard (DSS), Federal information processing standards publication, 186-2. National Institute of Standards and Technology, Gaithersburg, pp 1–119

    Google Scholar 

  9. ISO/IEC 19772:2009 Information technology – security techniques – authenticated encryption (2009)

    Google Scholar 

  10. Yung M, Dent AW, Zheng Y (2010) Practical signcryption. Springer Science & Business Media, Berlin

    Google Scholar 

  11. ISO/IEC 29150:2011 Information technology – security techniques – signcryption (2011)

    Google Scholar 

  12. Curtmola R, Garay J, Kamara S, Ostrovsky R (2011) Searchable symmetric encryption: improved definitions and efficient constructions. J Comput Secur 19:895–934

    Google Scholar 

  13. Bellare M, Boldyreva A, O’Neill A (2007) Deterministic and efficiently searchable encryption. In: Advances in cryptology – CRYPTO 2007. LNCS, vol 4622. Springer, Heidelberg, pp 535–552

    Chapter  Google Scholar 

  14. Golle P, Staddon J, Waters B (2004) Secure conjunctive keyword search over encrypted data. In: Applied cryptography and network security, vol 3089, LNCS. Springer, Berlin/Heidelberg, pp 31–45

    Chapter  Google Scholar 

  15. Cash D, Jarecki S, Jutla C, Krawczyk H, Rosu M-C, Steiner M (2013) Highly-scalable searchable symmetric encryption with support for boolean queries. In: Advances in cryptology – CRYPTO 2013, vol 8042, LNCS. Springer, Heidelberg, pp 353–373

    Chapter  Google Scholar 

  16. Boneh D, Waters B (2007) Conjunctive, subset, and range queries on encrypted data. In: Theory of cryptography, vol 4392, LNCS. Springer, Berlin, pp 535–554

    Chapter  Google Scholar 

  17. Popa R, Redfield C (2011) CryptDB: protecting confidentiality with encrypted query processing. In: Proceedings of the twenty-third ACM symposium on operating systems principles. SOSP’11, pp 85–100

    Google Scholar 

  18. Li JLJ, Wang QWQ, Wang CWC, Cao NCN, Ren KRK, Lou WLW (2010) Fuzzy keyword search over encrypted data in cloud computing. In: INFOCOM, 2010 proceedings IEEE, pp 1–5

    Google Scholar 

  19. Boneh D, Kushilevitz E, Ostrovsky R, Skeith WE III (2007) Public key encryption that allows PIR queries. In: Advances in cryptology – CRYPTO 2007, vol 4622, LNCS. Springer, Berlin, pp 50–67

    Chapter  Google Scholar 

  20. Gentry C (2009) A fully homomorphic encryption scheme. PhD thesis, Stanford University. Available from: crypto.stanford.edu/craig

  21. Leontiadis I, Elkhyaoui K, Molva R (2014) Private and dynamic time-series data aggregation with trust relaxation. In: Cryptology and Network Security, vol 8813, LNCS. Springer, Berlin, pp 305–320

    Google Scholar 

  22. Agrawal R, Kiernan J, Srikant R, Xu Y (2004) Order preserving encryption for numeric data. In: Proceedings of the 2004 ACM SIGMOD international conference on management of data. SIGMOD’04, pp 563–574

    Google Scholar 

  23. Boldyreva A, Chenette N, Lee Y, O’Neill A (2009) Order-preserving symmetric encryption. In: Advances in cryptology – EUROCRYPT 2009, vol 5479, LNCS. Springer, Berlin, pp 224–241

    Chapter  Google Scholar 

  24. Wang C, Cao N, Li J, Ren K, Lou W (2010) Secure ranked keyword search over encrypted cloud data. In: Proceedings of Distributed Computing Systems (ICDCS), IEEE 30th International conference on, IEEE, pp 253–262

    Google Scholar 

  25. Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. In: Advances in cryptology – CRYPTO 2001, vol 2139, LNCS. Springer, Berlin, pp 213–229

    Chapter  Google Scholar 

  26. Goyal V, Pandey O, Sahai A, Waters B (2006) Attribute-based encryption for fine-grained access control of encrypted data. In: Juels A, Wright R. di Vimercati SDC (eds) ACM conference on computer and communications security. ACM, New York, pp 89–98

    Google Scholar 

  27. Waters B (2011) Ciphertext-policy attribute-based encryption: an expressive, efficient, and provably secure realization. In: Public key cryptography – PKC 2011, vol 6571, LNCS. Springer, Heidelberg, pp 53–70

    Chapter  Google Scholar 

  28. Katz J, Sahai A, Waters B (2008) Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Advances in cryptology – EUROCRYPT 2008. Springer, Berlin, pp 146–162

    Chapter  Google Scholar 

  29. Chung K-M, Kalai Y, Vadhan S (2010) Improved delegation of computation using fully homomorphic encryption. In: Advances in cryptology – CRYPTO 2010, vol 6223, LNCS. Springer, Berlin, pp 483–501

    Chapter  Google Scholar 

  30. Barbosa M, Farshim P (2012) Delegatable homomorphic encryption with applications to secure outsourcing of computation. In: Topics in cryptology – CT-RSA 2012, vol 7178, LNCS. Springer, Berlin, pp 296–312

    Chapter  Google Scholar 

  31. Parno B, Raykova M, Vaikuntanathan V (2012) How to delegate and verify in public: verifiable computation from attribute-based encryption. In: Theory of cryptography, vol 7194, LNCS. Springer, Berlin, pp 422–439

    Chapter  Google Scholar 

  32. Parno B, Howell J, Gentry C, Raykova M (2013) Pinocchio: nearly practical verifiable computation. In: IEEE symposium on security and privacy. IEEE, pp 238–252

    Google Scholar 

  33. Ateniese G, Burns R, Curtmola R, Herring J, Kissner L, Peterson Z, Song D (2007) Provable data possession at untrusted stores. In: Proceedings of the 14th ACM conference on computer and communications security, pp 598–609

    Google Scholar 

  34. Juels A, Kaliski BS Jr (2007) PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM conference on computer and communications security. ACM, pp 584–597

    Google Scholar 

  35. Armknecht F, Bohli J-M, Karame GO, Liu Z, Reuter CA (2014) Outsourced proofs of retrievability. In: Proceedings of the 2014 ACM SIGSAC conference on computer and communications security. ACM, pp 831–843

    Google Scholar 

  36. Wang C, Wang Q, Ren K, Lou W (2010) Privacy-preserving public auditing for data storage security in cloud computing. In: Proceedings of INFOCOM. IEEE, pp 1–9

    Google Scholar 

  37. Ateniese G, Fu K, Green M, Hohenberger S (2006) Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans Inf Syst Secur 9:1–30

    Article  MATH  Google Scholar 

  38. Pinkas B, Reinman T (2010) Oblivious RAM revisited. In: Advances in cryptology – CRYPTO 2010, vol 6223, LNCS. Springer, Berlin, pp 502–519

    Chapter  Google Scholar 

  39. Bellare M, Ristenpart T, Rogaway P, Stegers T (2009) Format-preserving encryption. In: Selected areas in cryptography, vol 5867, LNCS. Springer, Boston, pp 295–312

    Chapter  Google Scholar 

  40. Bellare M, Keelveedhi S, Ristenpart T (2013) Message-locked encryption and secure deduplication. In: Advances in cryptology – EUROCRYPT 2013, vol 7881, LNCS. Springer, Berlin, pp 296–312

    Chapter  Google Scholar 

Download references

Acknowledgements

This chapter was adapted from a review conducted as part of the European Union project H2020-644024 “CLARUS.” We would like to thank the following researchers who contributed to the initial deliverable: Monir Azraoui, Aida Calviño, Josep Domingo-Ferrer, Melek Önen, David Sánchez, Cédric Van Rompay, and Oriol Farràs Ventura.

Author information

Authors and Affiliations

  1. Information Security Group, Royal Holloway, University of London, Egham, TW20 0EX, UK

    James Alderman, Jason Crampton & Keith M. Martin

Authors
  1. James Alderman
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jason Crampton
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Keith M. Martin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Keith M. Martin .

Editor information

Editors and Affiliations

  1. University of Derby, Department of Computing and Mathematics, Derby, United Kingdom

    Shao Ying Zhu

  2. University of Derby, Department of Computing and Mathematics, Derby, United Kingdom

    Richard Hill

  3. University of Derby, Department of Computing and Mathematics, Derby, United Kingdom

    Marcello Trovati

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this chapter

Cite this chapter

Alderman, J., Crampton, J., Martin, K.M. (2015). Cryptographic Tools for Cloud Environments. In: Zhu, S., Hill, R., Trovati, M. (eds) Guide to Security Assurance for Cloud Computing. Computer Communications and Networks. Springer, Cham. https://doi.org/10.1007/978-3-319-25988-8_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-25988-8_2

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-25986-4

  • Online ISBN: 978-3-319-25988-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation