Decentralized Policy-Hiding Attribute-Based Encryption with Receiver Privacy

Attribute-based encryption (ABE) enables limiting access to encrypted data to users with certain attributes. Different aspects of ABE were studied, such as the multi-authority setting (MA-ABE), and policy hiding, meaning the access policy is unknown to unauthorized parties. However, no practical scheme so far provably provides both properties, which are often desirable in real-world applications: supporting decentralization, while hiding the access policy. We present the first practical decentralized ABE scheme with a proof of being policy-hiding. Our construction is based on a decentralized inner-product predicate encryption scheme, introduced in this paper, which hides the encryption policy. It results in an ABE scheme supporting conjunctions, disjunctions and threshold policies, that protects the access policy from parties that are not authorized to decrypt the content. Further, we address the issue of receiver privacy. By using our scheme in combination with vector commitments, we hide the overall set of attributes possessed by the receiver from individual authorities, only revealing the attribute that the authority is controlling. Finally, we propose randomizing-polynomial encodings that immunize the scheme in the presence of corrupt authorities

Blockchain-enabled Data Governance for Privacy-Preserved Sharing of Confidential Data

In a traditional cloud storage system, users benefit from the convenience it provides but also take the risk of certain security and privacy issues. To ensure confidentiality while maintaining data sharing capabilities, the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme can be used to achieve fine-grained access control in cloud services. However, existing approaches are impaired by three critical concerns: illegal authorization, key disclosure, and privacy leakage. To address these, we propose a blockchain-based data governance system that employs blockchain technology and attribute-based encryption to prevent privacy leakage and credential misuse. First, our ABE encryption system can handle multi-authority use cases while protecting identity privacy and hiding access policy, which also protects data sharing against corrupt authorities. Second, applying the Advanced Encryption Standard (AES) for data encryption makes the whole system efficient and responsive to real-world conditions. Furthermore, the encrypted data is stored in a decentralized storage system such as IPFS, which does not rely on any centralized service provider and is, therefore, resilient against single-point failures. Third, illegal authorization activity can be readily identified through the logged on-chain data. Besides the system design, we also provide security proofs to demonstrate the robustness of the proposed system.Comment: 23 pages, 19 algorithms, 1 figur

High Sensitive and Relevant Data Sharing with Secure and Low Time Consuming

Intermittent connection of networks and partition taken place frequently are likely to be suffered in military environments. Wireless devices are enabled in the network for accessing the confidential data with security by utilizing the storage nodes and alsothere is a communication with each other.Several privacy challenges andsecurity is based upon the attribute revocation and coordination of attributes issued from differentauthorities independentlywhich are introduced by the ABE scheme.For data encryption and decryption scalability is provided by ABE. In the case of encrypting the data, it is encrypted using certain polices and the attributes based upon the private keys and for decrypting the data it must possess some attributes that must match with the security policy that is applied in the particular data. The confidentiality of the stored data evenin the hostile area where key authorities are not fully trusted. In this paper, we demonstrate method of applying the proposed scheme in high sensitive and relevant data sharing with secure and low time consumin

Decentralized Anonymous User Authentication For Securing Data Storage in Cloud

The main objective of system is secure data storage on clouds. Cloud checks the authentication of the user without knowing the user’s identity. For encryption use Attribute Base Encryption algorithm (ABE) in which encryption is takes place and also set access policies. Decryption is only possible for valid users in Access control policy. System prevents replay attacks because of Attribute Base Signature algorithm (ABS) and provides the facilities for creation, modification, and reading data stored in the cloud. This scheme provides facility for user revocation by that user cannot access the data. Therefore, emphasize that cloud should take a decentralized approach which is robust instead of using access control schemes designed for clouds which are centralized. In this scheme there is one limitation is that the cloud already know the access policy for each record or user stored in the cloud. In future, system can also hide the attributes and access policy of a user. DOI: 10.17762/ijritcc2321-8169.15010

Secure Distributed Cloud Storage based on the Blockchain Technology and Smart Contracts

Objectives: This paper addresses the problem of secure data storage and sharing over cloud storage infrastructures. A secure, distributed cloud storage structure incorporating the blockchain structure is proposed that supports confidentiality, integrity, and availability. Methods/Analysis: The proposed structure combines two well-known technologies: one of them is the Ethereum Blockchain and its Smart Contracts and the other is the RSA encryption and authentication scheme. The Ethereum Blockchain is used as a data structure, which ensures data availability and integrity while RSA provides sensitive data confidentiality and source authentication. Findings: As a result, users of the proposed structure can trust it and be certain that they can securely exchange information through a publicly accessible and shared cloud storage. The application can be used either through a user interface (UI) or a command-line interface (CLI). Novelty /Improvement:The novelty of this work is that the system that is proposed could be used for secure data storage on the cloud as well as for file sharing and authentication verification. Also, secure data storage and file sharing are already offered by the proposed system. Doi: 10.28991/ESJ-2023-07-02-012 Full Text: PD

APPLYING POLICY HIDING CRYPTOGRAHIC SCHEME IN DOSN

Security concern in online social networking service have number of proposals for decentralized online social networks (DOSN). This remove the central provider and giving the control over their data who can access it. This project use the cryptographic scheme. In existing DOSN cryptographic primitives that hide the data but reveal the access policies. The project analyze Predicate encryption (PE) is cryptographic primitives that to provide access control of encrypted data using attribute based policies. We use bloom filter means that decreasing decryption time and indicate objects that can be decrypted by a particular user. This is best suitable for performance efficiency

Data governance through a multi-DLT architecture in view of the GDPR

The centralization of control over the processing of personal data threatens the privacy of individuals due to the lack of transparency and the obstruction of easy access to their data. Individuals need the tools to effectively exercise their rights, enshrined in regulations such as the European Union General Data Protection Regulation (GDPR). Having direct control over the flow of their personal data would not only favor their privacy but also a “data altruism”, as supported by the new European proposal for a Data Governance Act. In this work, we propose a multi-layered architecture for the management of personal information based on the use of distributed ledger technologies (DLTs). After an in-depth analysis of the tensions between the GDPR and DLTs, we propose the following components: (1) a personal data storage based on a (possibly decentralized) file storage (DFS) to guarantee data sovereignty to individuals, confidentiality and data portability; (2) a DLT-based authorization system to control access to data through two distributed mechanisms, i.e. secret sharing (SS) and threshold proxy re-encryption (TPRE); (3) an audit system based on a second DLT. Furthermore, we provide a prototype implementation built upon an Ethereum private blockchain, InterPlanetary File System (IPFS) and Sia and we evaluate its performance in terms of response time

Efficient and Secure Key Management and Authentication Scheme for WBSNs Using CP-ABE and Consortium Blockchain

publishedVersio