9 research outputs found
Secure data sharing in cloud and IoT by leveraging attribute-based encryption and blockchain
“Data sharing is very important to enable different types of cloud and IoT-based services. For example, organizations migrate their data to the cloud and share it with employees and customers in order to enjoy the better fault-tolerance, high availability, and scalability offered by the cloud. Wearable devices such as smart watches share the user’s activity, location, and health data (e.g., heart rate, ECG) with the service provider for smart analytics. However, data can be sensitive, and the cloud and IoT service providers cannot be fully trusted with maintaining the security, privacy, and confidentiality of the data. Hence, new schemes and protocols are required to enable secure data sharing in the cloud and IoT. This work outlines our research contribution towards secure data sharing in the cloud and IoT. For secure data sharing in the cloud, this work proposes several novel attribute-based encryption schemes. The core contributions to this end are efficient revocation, prevention of collusion attacks, and multi-group support. On the other hand, for secure data sharing in IoT, a permissioned blockchain-based access control system has been proposed. The system can be used to enforce fine-grained access control on IoT data, where the access control decision is made by the blockchain based on the consensus of the participating nodes”--Abstract, page iv
Public-Key Puncturable Encryption: Modular and Compact Constructions
We revisit the method of designing public-key puncturable encryption schemes and present a generic conversion by leveraging the techniques of distributed key distribution and revocable encryption. In particular, we first introduce a refined version of identity-based revocable encryption, named key-homomorphic identity-based revocable key encapsulation mechanism with extended correctness. Then, we propose a generic construction of a puncturable key encapsulation mechanism from the former by merging in the idea of distributed key distribution. Compared to the state of the art, our generic construction supports an unbounded number of punctures and multiple tags per message, thus achieving more fine-grained revocation of decryption capability. Further, it does not rely on random oracles, does not suffer from a non-negligible correctness error, and results in a variety of efficient schemes with distinct features. More precisely, we obtain the first scheme with very compact ciphertexts in the standard model, and the first scheme with support for both an unbounded number of tags per ciphertext and unbounded punctures as well as a constant-time puncture operation. Moreover, we get a comparable scheme proven secure under the standard DBDH assumption, which enjoys both faster encryption and decryption than previous works based on the same assumption, especially when the number of tags associated with the ciphertext is large.
A Hybridized Encryption Scheme Based on Elliptic Curve Cryptography for Securing Data in Smart Healthcare
Recent developments in smart healthcare have brought us a great deal of convenience. Connecting common objects to the Internet is made possible by the Internet of Things (IoT). These connected gadgets have sensors and actuators for data collection and transfer. However, if users' private health information is compromised or exposed, it will seriously harm their privacy and may endanger their lives. In order to encrypt data and establish fine-grained access control for such sensitive information, attribute-based encryption (ABE) has typically been used. Traditional ABE, however, has a high processing overhead. As a result, an effective security algorithm based on ABE and Fully Homomorphic Encryption (FHE) is developed to protect health-related data. ABE is a workable option for one-to-many communication and fine-grained access management of encrypted data in a cloud environment. Without needing to decrypt the encrypted data, cloud servers can use the FHE algorithm to perform valid operations on it. Because of its potential to provide strong security with a small key size, the elliptic curve cryptography (ECC) algorithm is also used. As a result, when compared to related existing methods in the literature, the suggested hybridized algorithm (ABE-FHE-ECC) has reduced computation and storage overheads. A comprehensive security proof shows that the suggested method is secure under the Decisional Bilinear Diffie-Hellman assumption. The experimental results demonstrate that this system is more effective for devices with limited resources than conventional ABE when the system’s performance is assessed in the standard model.
Efficient and Secure Data Sharing Using Attribute-based Cryptography
The uncontrolled growth of data produced by many heterogeneous and dynamic sources drives many owners of such data to store it on cloud servers, also in order to share it with third parties. Sharing data on (possibly) untrusted servers is a source of important and non-trivial issues concerning security, privacy, confidentiality and access control. In order to prevent uncontrolled access to the data, a typical solution consists in encrypting the data itself. Following this road, designing and implementing access policies to the encrypted data for third parties (who may have different rights on the data) is a complex task, which requires the presence of a trusted policy controller. A possible solution is the use of an access control mechanism based on attribute-based encryption (ABE) schemes, which allow the data owner to encrypt the data according to the access policies for that data. On the other hand, adopting such access control mechanisms presents two problems: (i) weak privacy: the access policies are public, and (ii) inefficiency: the access policies are static, and changing them requires re-encrypting (or encrypting multiple times) all the data. To remedy these problems, the work proposed in this thesis considers a particular attribute-based encryption scheme, called inner product encryption (IPE, which enjoys the attribute-hiding property and therefore manages to protect the privacy of the access policies), and combines it with proxy re-encryption techniques, which introduce greater flexibility and efficiency.
The first part of this thesis discusses the suitability of introducing an access control mechanism founded on a scheme based on inner product and proxy re-encryption (IPPRE) in order to guarantee secure sharing of data stored on untrusted cloud servers. More specifically, we propose two versions of IPE: first, we present a version of a well-known inner-product based scheme [1] extended with proxy re-encryption. We then use this scheme in a scenario in which medical data is collected and managed. In this scenario, once the data has been collected, the access policies may vary as the needs of the different medical staff vary. The proposed scheme delegates the task of re-encrypting the data to a partially trusted proxy server, which can transform the encryption of the data (which depends on one access policy) into another encryption (which depends on another access policy) without thereby gaining access to the plaintext data or to the secret key used by the data owner. In this way, the holder of a decryption key corresponding to the second access policy can access the data without interacting with the data owner (that is, without requesting a decryption key associated with their own access policy). We present a performance analysis of this scheme implemented on elliptic curves belonging to the SS, MNT and BN classes and obtain encouraging experimental results. We also prove that the proposed scheme is secure against chosen-plaintext attacks under the well-known DLIN assumption. Secondly, we present an optimized version of the previously proposed scheme (E-IPPRE), based on a well-known inner-product based scheme proposed by Kim [2]. The proposed E-IPPRE scheme requires a constant number of pairing computations, and this guarantees that the objects produced by running the scheme (decryption keys, public keys and the ciphertexts themselves) are small with respect to the security parameters and are efficiently computable. We experimentally test the efficiency of the proposed scheme and prove it (selectively with respect to the attributes) secure against chosen-plaintext attacks under the well-known BDH assumption. In other words, the proposed scheme reveals no information about the access policies.
The second part of this thesis presents a cryptographic scheme for secure data sharing based on attribute-based cryptography and suited to IoT-based scenarios. As is well known, the main problem in this setting concerns the limited computational resources of the IoT devices involved. To this end, we propose a scheme that combines the flexibility of E-IPPRE with the efficiency of a symmetric encryption scheme such as AES, obtaining a lightweight inner-product, proxy-based encryption scheme (L-IPPRE). The experimental results confirm the suitability of this scheme in IoT scenarios.
References
[1] Jong Hwan Park. Inner-product encryption under standard assumptions. Des. Codes Cryptography, 58(3):235–257, March 2011.
[2] Intae Kim, Seong Oun Hwang, Jong Hwan Park, and Chanil Park. An efficient predicate encryption with constant pairing computations and minimum costs. IEEE Trans. Comput., 65(10):2947–2958, October 2016.
With the ever-growing production of data coming from multiple, scattered, and highly dynamic sources, many providers are motivated to upload their data to cloud servers and share it with other persons for different purposes. However, storing data on untrusted cloud servers imposes serious concerns in terms of security, privacy, data confidentiality, and access control. In order to prevent privacy and security breaches, it is vital that data is encrypted before it is outsourced to the cloud. However, designing access control models that enable different users to have various access rights to the shared data is the main challenge. To tackle this issue, a possible solution is to employ a cryptographic data access control mechanism such as an attribute-based encryption (ABE) scheme, which enables a data owner to take full control over data access. However, access control mechanisms based on ABE raise two challenges: (i) weak privacy: they do not conceal the attributes associated with the ciphertexts, and therefore they do not satisfy attribute-hiding security, and (ii) inefficiency: they do not support efficient access policy change when data is required to be shared among multiple users with different access policies. To address these issues, this thesis studies and enhances inner-product encryption (IPE), a type of public-key cryptosystem which supports the attribute-hiding property as well as flexible fine-grained access control based on the payload-hiding property, and combines it with an advanced cryptographic technique known as proxy re-encryption (PRE).
The first part of this thesis discusses the necessity of applying the inner-product proxy re-encryption (IPPRE) scheme to guarantee secure data sharing on untrusted cloud servers. More specifically, we propose two extended schemes of IPE: in the first extended scheme, we propose an inner-product proxy re-encryption (IPPRE) protocol derived from a well-known inner-product encryption scheme [1]. We deploy this technique in the healthcare scenario where data, collected by medical devices according to some access policy, has to be changed afterwards for sharing with other medical staff. The proposed scheme delegates the re-encryption capability to a semi-trusted proxy who can transform a delegator's ciphertext associated with an attribute vector into a new ciphertext associated with the delegatee's attribute vector set, without knowing the underlying data and private key. Our proposed policy updating scheme enables the delegatee to decrypt the shared data with its own key without requesting a new decryption key. We analyze the performance of the proposed protocol on three different types of elliptic curves, namely the SS curve, the MNT curve, and the BN curve, and obtain encouraging experimental results. We show that our scheme is adaptively attribute-secure against chosen-plaintext attacks under the standard Decisional Linear (D-Linear) assumption. To improve the performance of this scheme in terms of storage, communication, and computation costs, we propose an efficient inner-product proxy re-encryption (E-IPPRE) scheme using a transformation of Kim's inner-product encryption method [2]. The proposed E-IPPRE scheme requires a constant number of pairing operations for its algorithms and ensures a short public key, private key, and ciphertext, making it the most efficient and practical compared to state-of-the-art schemes in terms of computation and communication overhead. We experimentally assess the efficiency of our protocol and show that it is selectively attribute-secure against chosen-plaintext attacks in the standard model under the Asymmetric Decisional Bilinear Diffie-Hellman assumption. Specifically, our proposed schemes do not reveal any information about the data owner's access policy, neither to the untrusted servers (e.g., cloud and proxy) nor to the other users.
The second part of this thesis presents a new lightweight secure data sharing scheme based on attribute-based cryptography for a specific IoT-based healthcare application. To achieve secure data sharing on IoT devices while preserving data confidentiality, the IoT devices encrypt data before it is outsourced to the cloud, and authorized users who hold the corresponding decryption keys can access the data. The main challenge in this case is that, on the one hand, IoT devices are resource-constrained in terms of energy, CPU, and memory, and on the other hand, the existing public-key encryption mechanisms (e.g., ABE) require expensive computation. We address this issue by combining the flexibility and expressiveness of the proposed E-IPPRE scheme with the efficiency of a symmetric-key encryption technique (AES), and propose a light inner-product proxy re-encryption (L-IPPRE) scheme to guarantee secure data sharing between different entities in the IoT environment. The experimental results confirm that the proposed L-IPPRE scheme is suitable for resource-constrained IoT scenarios.
References
[1] Jong Hwan Park. Inner-product encryption under standard assumptions. Des. Codes Cryptography, 58(3):235–257, March 2011.
[2] Intae Kim, Seong Oun Hwang, Jong Hwan Park, and Chanil Park. An efficient predicate encryption with constant pairing computations and minimum costs. IEEE Trans. Comput., 65(10):2947–2958, October 2016.
GLUE: Generalizing Unbounded Attribute-Based Encryption for Flexible Efficiency Trade-Offs
Ciphertext-policy attribute-based encryption is a versatile primitive that has been considered extensively to securely manage data in practice. Completely unbounded schemes in particular are attractive, because they do not restrict the sets of attributes and policies. So far, any such scheme that supports negations in the access policy or that has online/offline extensions has an inefficient decryption algorithm.
In this work, we propose GLUE (Generalized, Large-universe, Unbounded and Expressive), a novel scheme that allows for an efficient implementation of decryption while supporting both negations and online/offline extensions. We achieve these properties simultaneously by uncovering an underlying dependency between encryption and decryption, which allows for a flexible trade-off in their efficiency. For the security proof, we devise a new technique that enables us to generalize multiple existing schemes. As a result, we obtain a completely unbounded scheme supporting negations that, to the best of our knowledge, outperforms all existing such schemes in the decryption algorithm.
Attribute Based Cryptographic Enforcements for Security and Privacy in E-health Environments
Data Service Outsourcing and Privacy Protection in Mobile Internet
Mobile Internet data have the characteristics of large scale, variety of patterns, and complex associations. On the one hand, an efficient data processing model is needed to support data services, and on the other hand, certain computing resources are needed to provide data security services. Due to the limited resources of mobile terminals, it is impossible to complete large-scale data computation and storage locally. However, outsourcing to third parties may pose risks to user privacy. This monograph focuses on key technologies of data service outsourcing and privacy protection, including the existing methods of data analysis and processing, fine-grained data access control through an effective user privacy protection mechanism, and data sharing in the mobile Internet.
Secure Schemes for Semi-Trusted Environment
In recent years, two distributed system technologies have emerged: Peer-to-Peer (P2P) and cloud computing. In the former, the computers at the edge of networks share their resources, i.e., computing power, data, and network bandwidth, and obtain resources from other peers in the same community. Although this technology enables efficiency, scalability, and availability at a low cost of ownership and maintenance, peers defined as "like each other" are not wholly controlled by one another or by the same authority. In addition, resources and functionality in P2P systems depend on peer contribution, i.e., storing, computing, routing, etc. These specific aspects raise security concerns and attacks that many researchers try to address. Most solutions proposed by researchers rely on public-key certificates from an external Certificate Authority (CA) or a centralized Public Key Infrastructure (PKI). However, both CA and PKI are contradictory to fully decentralized P2P systems that are self-organizing and infrastructureless.
To avoid this contradiction, this thesis concerns the provisioning of public-key certificates in P2P communities, which is a crucial foundation for securing P2P functionalities and applications. We create a framework, named the Self-Organizing and Self-Healing CA group (SOHCG), that can provide certificates without a centralized Trusted Third Party (TTP). In our framework, a CA group is initialized in a Content Addressable Network (CAN) by trusted bootstrap nodes and then grows to a mature state by itself. Based on our group management policies and predefined parameters, the membership in a CA group is dynamic and has a uniform distribution over the P2P community; the size of a CA group is kept to a level that balances performance and acceptable security. A multicast group over the underlying CA group is constructed to reduce the communication and computation overhead of collaboration among CA members. To maintain the quality of the CA group, an honest majority of members is maintained by a Byzantine agreement algorithm, and all shares are refreshed gradually and continuously. Our CA framework has been designed to meet all design goals, being self-organizing, self-healing, scalable, resilient, and efficient. A security analysis shows that the framework enables key registration and certificate issuance with resistance to external attacks, i.e., node impersonation, man-in-the-middle (MITM), Sybil, and a specific form of DoS, as well as internal attacks, i.e., CA functionality interference and CA group subversion.
Cloud computing is the most recent evolution of distributed systems that enable shared resources, like P2P systems. Unlike P2P systems, cloud entities are asymmetric in their roles, like client-server models, i.e., end-users collaborate with Cloud Service Providers (CSPs) through Web interfaces or Web portals. Cloud computing is a combination of technologies, e.g., SOA services, virtualization, grid computing, clustering, P2P overlay networks, management automation, and the Internet. With these technologies, cloud computing can deliver services with specific properties: on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured services. However, these core technologies have their own intrinsic vulnerabilities, so they expose cloud computing to specific attacks. Furthermore, since public clouds are a form of outsourcing, the security of users' resources must rely on the CSPs' administration. This situation raises two crucial security concerns for users: locking data into a single CSP and losing control of resources. Providing interoperation between Application Service Providers (ASPs) and untrusted cloud storage is a countermeasure that can protect users from vendor lock-in and from losing control of their data.
To meet the above challenge, this thesis proposes a new authorization scheme, named OAuth and ABE based authorization (AAuth), that is built on the OAuth standard and leverages Ciphertext-Policy Attribute Based Encryption (CP-ABE) and ElGamal-like masks to construct ABE-based tokens. The ABE tokens can facilitate a user-centric approach, end-to-end encryption and end-to-end authorization in semi-trusted clouds. With these facilities, owners can take control of their data resting in semi-trusted clouds and safely use services from unknown ASPs. To this end, our scheme divides the attribute universe into two disjoint sets: confined attributes, defined by owners to limit the lifetime and scope of tokens, and descriptive attributes, defined by one or more authorities to certify the characteristics of ASPs. Security analysis shows that AAuth maintains the same security level as the original CP-ABE scheme and protects users from exposing their credentials to ASPs, as OAuth does. Moreover, AAuth can resist both external and internal attacks, including untrusted cloud storage. Since most cryptographic functions are delegated from owners to CSPs, AAuth gains computing power from clouds. In our extensive simulation, AAuth's greater overhead was balanced by greater security than OAuth's. Furthermore, our scheme works seamlessly with storage providers by retaining the providers' APIs in the usual way.