Comparative Study of Public-key cryptosystems in Cloud Storage

Cloud storage is a service model in which data is maintained, managed and backed up remotely and made available to users over a network (typically the Internet). Cloud storage can provide the benefits of greater accessibility and reliability. In cloud storage different members can share that data through different virtual machines but present on single physical machine. But the thing is user don’t have physical control over the outsourced data. As a result there is a need of effective method to share data securely among different users. This can be achieved using cryptography, which helps in encrypting the data to be stored in cloud storage to protect against unauthorized access. Here we introduce a public-key cryptosystem which produce ciphertexts of constant size such a way that an systematic assignment of decryption virtue for any number of ciphertexts are possible. The modernity is that one can combine a set of secret keys and make them as mini single key with holding the same ability of all the keys that are formed in each group. This compact aggregate key can be efficiently sent to others or to be stored in a smart card with little secure storage. DOI: 10.17762/ijritcc2321-8169.150314

An Efficient and Secure Key Management Scheme for Hierarchical Access Control Based on ECC

In a key management scheme for hierarchy based access control, each security class having higher clearance can derive the cryptographic secret keys of its other security classes having lower clearances. In 2006 Jeng-Wang proposed an efficient scheme on access control in user hierarchy based on elliptic curve cryptosystem. Their scheme provides solution of key management efficiently for dynamic access problems. However, in this paper, we propose an attack on Jeng-Wang scheme to show that Jeng-Wang scheme is insecure against our proposed attack. We show that in our proposed attack, an attacker (adversary) who is not a user in any security class in a user hierarchy attempts to derive the secret key of a security class

A Diffie-Hellman based key management scheme for hierarchical access control

All organizations share data in a carefully managed fashion\ud by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organization is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class, if it is higher or at the same level in the hierarchy. Otherwise access is denied. Our solution is based on the Die-Hellman key exchange protocol. We show, that the theoretical worst case performance of our solution is slightly better than that of all other existing solutions. We also show, that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic

Single Secret Key Crptosystem for Secure and Efficient Exchange of Data in Cloud

Nowadays users are storing their personal data on a cloud storage because of its numerous advantages. One of the important advantage in cloud storage is sharing of data between users or between organizations. In this paper we propose a simple, flexible, efficient and secure data sharing method for the cloud users. Here we are describing a special type of public key encryption scheme where public key, master-secret key, single secret key and cipher text sizes are constant. Single secret key can be obtained by combining number of secret keys. The sender can securely share multiple files with receiver by encrypting each file using a separate public key. Then the sender will combine all the public keys to form a single secret key which is exchanged with receiver by using Diffie-Hellman algorithm. Advantage of small single secret key is user can store this decryption key on a resource constraint devices like smart cards, smart cell phones or sensor nodes. Receiver can download the number of files by using single secret key

Key management in wireless sensor networks

We refer to a distributed architecture consisting of sensor nodes connected by wireless links and organized in a tree shaped hierarchy. We present a paradigm for the management of the cryptographic keys used by nodes to communicate, and we consider the problems connected with key generation, distribution, and replacement. In our paradigm, names are assigned to nodes by using a uniform scheme, which is based on the position of the given node in the node hierarchy. Each node holds a hierarchical key to communicate with its ancestors, and a level key to communicate with its siblings. A single, publicly-known parametric one-way function is used to assign hierarchical keys to nodes, in an iterative procedure that starts from the key of the root of the node hierarchy, and proceeds downwards to the lowest hierarchical levels. A similar procedure is used to generate the level keys. The total memory requirements for key storage are extremely low. The number of keys exchanged in a key replacement process is kept to a minimum. Dynamic access control is fully supported, whereby new nodes can be added to the node hierarchy, and existing nodes can be evicted from the hierarchy

On the Use of Key Assignment Schemes in Authentication Protocols

Key Assignment Schemes (KASs) have been extensively studied in the context of cryptographically-enforced access control, where derived keys are used to decrypt protected resources. In this paper, we explore the use of KASs in entity authentication protocols, where we use derived keys to encrypt challenges. This novel use of KASs permits the efficient authentication of an entity in accordance with an authentication policy by associating entities with security labels representing specific services. Cryptographic keys are associated with each security label and demonstrating knowledge of an appropriate key is used as the basis for authentication. Thus, by controlling the distribution of such keys, restrictions may be efficiently placed upon the circumstances under which an entity may be authenticated and the services to which they may gain access. In this work, we explore how both standardized protocols and novel constructions may be developed to authenticate entities as members of a group associated to a particular security label, whilst protecting the long-term secrets in the system. We also see that such constructions may allow for authentication whilst preserving anonymity, and that by including a trusted third party we can achieve the authentication of individual identities and authentication based on timestamps without the need for synchronized clocks