27 research outputs found
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
Chameleon: A Secure Cloud-Enabled and Queryable System with Elastic Properties
There are two dominant themes that have become increasingly more important in our
technological society. First, the recurrent use of cloud-based solutions which provide
infrastructures, computation platforms and storage as services. Secondly, the use of applicational
large logs for analytics and operational monitoring in critical systems. Moreover,
auditing activities, debugging of applications and inspection of events generated by errors
or potential unexpected operations - including those generated as alerts by intrusion
detection systems - are common situations where extensive logs must be analyzed, and
easy access is required. More often than not, a part of the generated logs can be deemed
as sensitive, requiring a privacy-enhancing and queryable solution.
In this dissertation, our main goal is to propose a novel approach of storing encrypted
critical data in an elastic and scalable cloud-based storage, focusing on handling JSONbased
ciphered documents. To this end, we make use of Searchable and Homomorphic
Encryption methods to allow operations on the ciphered documents. Additionally, our
solution allows for the user to be near oblivious to our systemās internals, providing
transparency while in use. The achieved end goal is a unified middleware system capable
of providing improved system usability, privacy, and rich querying over the data. This
previously mentioned objective is addressed while maintaining server-side auditable logs,
allowing for searchable capabilities by the log owner or authorized users, with integrity
and authenticity proofs.
Our proposed solution, named Chameleon, provides rich querying facilities on ciphered
data - including conjunctive keyword, ordering correlation and boolean queries
- while supporting field searching and nested aggregations. The aforementioned operations
allow our solution to provide data analytics upon ciphered JSON documents, using
Elasticsearch as our storage and search engine.O uso recorrente de soluƧƵes baseadas em nuvem tornaram-se cada vez mais importantes
na nossa sociedade. Tais soluƧƵes fornecem infraestruturas, computaĆ§Ć£o e armazenamento
como serviƧos, para alem do uso de logs volumosos de sistemas e aplicaƧƵes para
anĆ”lise e monitoramento operacional em sistemas crĆticos. Atividades de auditoria, debugging
de aplicaƧƵes ou inspeĆ§Ć£o de eventos gerados por erros ou possĆveis operaƧƵes
inesperadas - incluindo alertas por sistemas de detecĆ§Ć£o de intrusĆ£o - sĆ£o situaƧƵes comuns
onde logs extensos devem ser analisados com facilidade. Frequentemente, parte dos
logs gerados podem ser considerados confidenciais, exigindo uma soluĆ§Ć£o que permite
manter a confidencialidades dos dados durante procuras.
Nesta dissertaĆ§Ć£o, o principal objetivo Ć© propor uma nova abordagem de armazenar
logs crĆticos num armazenamento elĆ”stico e escalĆ”vel baseado na cloud. A soluĆ§Ć£o proposta
suporta documentos JSON encriptados, fazendo uso de Searchable Encryption e
mĆ©todos de criptografia homomĆ³rfica com provas de integridade e autenticaĆ§Ć£o. O objetivo
alcanƧado Ʃ um sistema de middleware unificado capaz de fornecer privacidade,
integridade e autenticidade, mantendo registos auditƔveis do lado do servidor e permitindo
pesquisas pelo proprietĆ”rio dos logs ou usuĆ”rios autorizados. A soluĆ§Ć£o proposta,
Chameleon, visa fornecer recursos de consulta atuando em cima de dados cifrados - incluindo
queries conjuntivas, de ordenaĆ§Ć£o e booleanas - suportando pesquisas de campo
e agregaƧƵes aninhadas. As operaƧƵes suportadas permitem Ć nossa soluĆ§Ć£o suportar data
analytics sobre documentos JSON cifrados, utilizando o Elasticsearch como armazenamento
e motor de busca
A New Data Deletion Scheme for a Blockchain-based De-duplication System in the Cloud
Almost all Cloud Service Providers (CSP) takes a principled approach to the storage and deletion of Customer Data. Most of them have engineered their cloud platform to achieve a high degree of speed, availability, durability, and consistency. Their systems are designed to be optimized for these performance attributes and must be carefully balanced with the necessity to achieve accurate and timely data deletion.many researchers have turn their focus toward data storage and how it will be a challenging task for CSPs in term of storage capacity, data management and security, a considerable number of papers has been published containing new models and technique that will allow data De-duplication in a shared environment but few of them have discussed data deletion.In this paper we will be discussing a new approach that will allow a smart deletion of data stored in the file system as well as its reference in the Blockchain since, by its nature, Blockchains does not allow deletion without violating the Blockchainās consistency, a preexisting de-duplication system will be our base platform on which we will be working to achieve an accurate and secure data deletion using Blockchain technology while preserving its consistency
Still Wrong Use of Pairings in Cryptography
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.Several pairing-based cryptographic protocols are recently
proposed with a wide variety of new novel applications including the ones
in emerging technologies like cloud computing, internet of things (IoT),
e-health systems and wearable technologies. There have been however a
wide range of incorrect use of these primitives. The paper of Galbraith,
Paterson, and Smart (2006) pointed out most of the issues related to the
incorrect use of pairing-based cryptography. However, we noticed that
some recently proposed applications still do not use these primitives correctly.
This leads to unrealizable, insecure or too ine cient designs of
pairing-based protocols. We observed that one reason is not being aware
of the recent advancements on solving the discrete logarithm problems in
some groups. The main purpose of this article is to give an understandable,
informative, and the most up-to-date criteria for the correct use of
pairing-based cryptography. We thereby deliberately avoid most of the
technical details and rather give special emphasis on the importance of
the correct use of bilinear maps by realizing secure cryptographic protocols.
We list a collection of some recent papers having wrong security
assumptions or realizability/e ciency issues. Finally, we give a compact
and an up-to-date recipe of the correct use of pairings
Data Auditing and Security in Cloud Computing: Issues, Challenges and Future Directions
Cloud computing is one of the significant development that utilizes progressive computational power and upgrades data distribution and data storing facilities. With cloud information services, it is essential for information to be saved in the cloud and also distributed across numerous customers. Cloud information repository is involved with issues of information integrity, data security and information access by unapproved users. Hence, an autonomous reviewing and auditing facility is necessary to guarantee that the information is effectively accommodated and used in the cloud. In this paper, a comprehensive survey on the state-of-art techniques in data auditing and security are discussed. Challenging problems in information repository auditing and security are presented. Finally, directions for future research in data auditing and security have been discussed
Data auditing and security in cloud computing: issues, challenges and future directions
Cloud computing is one of the significant development that utilizes progressive computational power and
upgrades data distribution and data storing facilities. With cloud information services, it is essential for
information to be saved in the cloud and also distributed across numerous customers. Cloud information
repository is involved with issues of information integrity, data security and information access by unapproved
users. Hence, an autonomous reviewing and auditing facility is necessary to guarantee that the information is
effectively accommodated and used in the cloud. In this paper, a comprehensive survey on the state-of-art
techniques in data auditing and security are discussed. Challenging problems in information repository auditing
and security are presented. Finally, directions for future research in data auditing and security have been
discusse
New Unbounded Verifiable Data Streaming for Batch Query with Almost Optimal Overhead
Verifiable Data Streaming (VDS) enables a resource-limited client to continuously outsource data to an untrusted server in a sequential manner while supporting public integrity verification and efficient update. However, most existing VDS schemes require the client to generate all proofs in advance and store them at the server, which leads to a heavy computation burden on the client. In addition, all the previous VDS schemes can perform batch query (i.e., retrieving multiple data entries at once), but are subject to linear communication cost , where is the number of queried data. In this paper, we first introduce a new cryptographic primitive named Double-trapdoor Chameleon Vector Commitment (DCVC), and then present an unbounded VDS scheme with optimal communication cost in the random oracle model from aggregatable cross-commitment variant of DCVC. Furthermore, we propose, to our best knowledge, the first unbounded VDS scheme with optimal communication and storage overhead in the standard model by integrating Double-trapdoor Chameleon Hash Function (DCH) and Key-Value Commitment (KVC). Both of our schemes enjoy constant-size public key. Finally, we demonstrate the efficiency of our two VDS schemes with a comprehensive performance evaluation