FLEXIBLE DATA SHARING IN STORAGE SYSTEMS OF CLOUD COMPUTING

Data discussing systems that derive from cloud storage has acquired attention within the recent occasions. Customers are furthermore taking pleasure in the practicality of discussing data by way of cloud storage and through this method customers are increasingly more concerned regarding accidental data leaks inside the cloud. These data leaks, caused using a malicious foe can typically result in severe breaches of private privacy. Within our work we advise a manuscript idea of key aggregate searchable file encryption by instantiating the idea completely via a concrete key aggregate searchable file encryption system. Here the information owner just must allocate a specific key perfectly into a user for discussing a large number of documents, and user simply must submit a specific trapdoor towards cloud for querying shared documents. The suggested system is applicable for just about any cloud storage that supports searchable group data discussing functionality

Homomorphic Encryption using Enhanced Data Encryption Scheme for Cloud Security

In un-confided frameworks or applications security is improved by performing Fully Homomorphic Encryption which deals with the touchy information. Homomorphic encryption empowers computing encrypted data without decrypting. Homomorphic encryption counteracts sharing of information inside the cloud service where information is put away in an public cloud. In Partially Homomorphic Encryption it performs either added substance or multiplicative activity, yet not the two tasks can be done at a same time. Though, if there should arise an occurrence of Fully Homomorphic Encryption the two activities can be completed at same time. In this paper, we endeavor to feature the issue of deciphering algorithms that can keep running on unencrypted or ordinary information to those which work on encrypted information. Here, we demonstrate that despite the fact that FHE gives the capacity to perform arbitrary computations, its total advantage must be acquired in the event that they additionally permit to execute arbitrary algorithms on encrypted information. In this model, Enhanced Data Encryption Technique is utilized to perform FHE activities on encrypted information and arranging is performed utilizing the encrypted information

A SURVEY ON KEY-AGGREGATE SEARCHABLE ENCRYPTION FOR GROUP DATA SHARING IN CLOUD STORAGE

Security concerns over inadvertent data leaks in the cloud may greatly ease the capability of selectively sharing encrypted data with different users via public cloud storage. So designing such an encryption schemes is a key challenge which lies in the efficient management of encryption keys. When any group of selected documents need to share with any group of users a desired flexibility is required with demands different encryption keys, which are used for different documents. However this also indicates the need of securely sharing to users a large number of keys for encryption and search, and those users will have to safely save the received keys, and submit an equally large number of keywords trapdoors to the cloud in order to perform search over the shared data. The indicated purpose of safe communication, storage, and difficultly clearly renders the approach impractical. In this paper, we address this practical problem, which is greatly neglected in the literature, here we are proposing the new concept of key aggregate searchable encryption and instantiating the concept through a concrete KASE scheme. In this scheme, the documents are shared by just submitting a single trapdoor by the user to the cloud for querying and this single key is being received by the data owner for sharing large number of documents. Our proposed scheme can confirm prove both the safety as well as practically efficient channels by security analysis and performance evaluation. It can securely store and manage the users in their devices. In order to perform a keyword search over many files a large number of trapdoors must be generated by users and submitted to the cloud. Such a system with secure communication, storage and computational complexity may lead to inefficiency and impracticality

Adaptive CCA Broadcast Encryption with Constant-Size Secret Keys and Ciphertexts

We consider designing broadcast encryption schemes with constant-size secret keys and ciphertexts, achieving chosen-ciphertext security. We first argue that known CPA-to-CCA transforms currently do not yield such schemes. We then propose a scheme, modifying a previous selective CPA secure proposal by Boneh, Gentry, and Waters. Our proposed scheme has constant-size secret keys and ciphertexts and we prove that it is selective chosen-ciphertext secure based on standard assumptions. Our scheme has ciphertexts that are shorter than those of the previous CCA secure proposals. Then we propose a second scheme that provides the functionality of both broadcast encryption and revocation schemes simultaneously using the same set of parameters. Finally we show that it is possible to prove our first scheme adaptive chosen-ciphertext secure under reasonable extensions of the bilinear Diffie-Hellman exponent and the knowledge of exponent assumptions. We prove both of these extended assumptions in the generic group model. Hence, our scheme becomes the first to achieve constant-size secret keys and ciphertexts (both asymptotically optimal) and adaptive chosen-ciphertext security at the same time

Contributions to Identity-Based Broadcast Encryption and Its Anonymity

Broadcast encryption was introduced to improve the efficiency of encryption when a message should be sent to or shared with a group of users. Only the legitimate users chosen in the encryption phase are able to retrieve the message. The primary challenge in construction a broadcast encryption scheme is to achieve collusion resistance such that the unchosen users learn nothing about the content of the encrypted message even they collude

New Conditional Privacy-preserving Encryption Schemes in Communication Network

Nowadays the communication networks have acted as nearly the most important fundamental infrastructure in our human society. The basic service provided by the communication networks are like that provided by the ubiquitous public utilities. For example, the cable television network provides the distribution of information to its subscribers, which is much like the water or gas supply systems which distribute the commodities to citizens. The communication network also facilitates the development of many network-based applications such as industrial pipeline controlling in the industrial network, voice over long-term evolution (VoLTE) in the mobile network and mixture reality (MR) in the computer network, etc. Since the communication network plays such a vital role in almost every aspect of our life, undoubtedly, the information transmitted over it should be guarded properly. Roughly, such information can be categorized into either the communicated message or the sensitive information related to the users. Since we already got cryptographical tools, such as encryption schemes, to ensure the confidentiality of communicated messages, it is the sensitive personal information which should be paid special attentions to. Moreover, for the benefit of reducing the network burden in some instances, it may require that only communication information among legitimated users, such as streaming media service subscribers, can be stored and then relayed in the network. In this case, the network should be empowered with the capability to verify whether the transmitted message is exchanged between legitimated users without leaking the privacy of those users. Meanwhile, the intended receiver of a transmitted message should be able to identify the exact message sender for future communication. In order to cater to those requirements, we re-define a notion named conditional user privacy preservation. In this thesis, we investigate the problem how to preserve user conditional privacy in pubic key encryption schemes, which are used to secure the transmitted information in the communication networks. In fact, even the term conditional privacy preservation has appeared in existing works before, there still have great differences between our conditional privacy preservation definition and the one proposed before. For example, in our definition, we do not need a trusted third party (TTP) to help tracing the sender of a message. Besides, the verification of a given encrypted message can be done without any secret. In this thesis, we also introduce more desirable features to our redefined notion user conditional privacy preservation. In our second work, we consider not only the conditional privacy of the message sender but also that of the intended message receiver. This work presents a new encryption scheme which can be implemented in communication networks where there exists a blacklist containing a list of blocked communication channels, and each of them is established by a pair of sender and receiver. With this encryption scheme, a verifier can confirm whether one ciphertext is belonging to a legitimated communication channel without knowing the exact sender and receiver of that ciphertext. With our two previous works, for a given ciphertext, we ensure that no one except its intended receiver can identify the sender. However, the receiver of one message may behave dishonest when it tries to retrieve the real message sender, which incurs the problem that the receiver of a message might manipulate the origin of the message successfully for its own benefit. To tackle this problem, we present a novel encryption scheme in our third work. Apart from preserving user conditional privacy, this work also enforces the receiver to give a publicly verifiable proof so as to convince others that it is honest during the process of identifying the actual message sender. In our forth work, we show our special interest in the access control encryption, or ACE for short, and find this primitive can inherently achieve user conditional privacy preservation to some extent. we present a newly constructed ACE scheme in this work, and our scheme has advantages over existing ACE schemes in two aspects. Firstly, our ACE scheme is more reliable than existing ones since we utilize a distributed sanitizing algorithm and thus avoid the so called single point failure happened in ACE systems with only one sanitizer. Then, since the ciphertext and key size of our scheme is more compact than that of the existing ACE schemes, our scheme enjoys better scalability