Energy-efficient secure outsourcing decryption of attribute based encryption for mobile device in cloud computation

This is a copy of the author 's final draft version of an article published in the "Journal of ambient intelligence and humanized computing". The final publication is available at Springer via http://dx.doi.org/10.1007/s12652-017-0658-2In this paper two new ways for efficient secure outsourcing the decryption of key-policy attribute-based encryption (KP-ABE) with energy efficiency are proposed. Based on an observation about the permutation property of the access structure for the attribute based encryption schemes, we propose a high efficient way for outsourcing the decryption of KP-ABE, which is suitable for being used in mobile devices. But it can only be used for the ABE schemes having tree-like access structure for the self-enclosed system. The second way is motivated from the fact that almost all the previous work on outsourcing the decryption of KP-ABE cares little about the ciphertext length. Almost all the previous schemes for secure outsourcing the decryption of ABE have linear length ciphertext with the attributes or the policy. But transferring so long ciphertexts via wireless network for mobile phone can easily run out of battery power, therefore it can not be adapted to practical application scenarios. Thus another new scheme for outsourcing the decryption of ABE but with constant-size ciphertexts is proposed. Furthermore, our second proposal gives a new efficient way for secure outsourcing the decryptor’s secret key to the cloud, which need only one modular exponentiation while all the previous schemes need many. We evaluate the efficiency of our proposals and the results show that our proposals are practical.Peer ReviewedPostprint (author's final draft

Extended Functionality in Verifiable Searchable Encryption

Abstract. When outsourcing the storage of sensitive data to an (un-trusted) remote server, a data owner may choose to encrypt the data beforehand to preserve confidentiality. However, it is then difficult to efficiently retrieve specific portions of the data as the server is unable to identify the relevant information. Searchable encryption has been well studied as a solution to this problem, allowing data owners and other au-thorised users to generate search queries which the server may execute over the encrypted data to identify relevant data portions. However, many current schemes lack two important properties: verifia-bility of search results, and expressive queries. We introduce Extended Verifiable Searchable Encryption (eVSE) that permits a user to verify that search results are correct and complete. We also permit verifiabl

Hybrid Publicly Verifiable Computation

Publicly Verifiable Outsourced Computation (PVC) allows weak devices to delegate com-putations to more powerful servers, and to verify the correctness of results. Delegation and verification rely only on public parameters, and thus PVC lends itself to large multi-user systems where entities need not be registered. In such settings, individual user requirements may be diverse and cannot be realised with current PVC solutions. In this paper, we in-troduce Hybrid PVC (HPVC) which, with a single setup stage, provides a flexible solution to outsourced computation supporting multiple modes: (i) standard PVC, (ii) PVC with cryptographically enforced access control policies restricting the servers that may perform a given computation, and (iii) a reversed model of PVC which we call Verifiable Delegable Computation (VDC) where data is held remotely by servers. Entities may dynamically play the role of delegators or servers as required

CUPS : Secure Opportunistic Cloud of Things Framework based on Attribute Based Encryption Scheme Supporting Access Policy Update

The ever‐growing number of internet connected devices, coupled with the new computing trends, namely within emerging opportunistic networks, engenders several security concerns. Most of the exchanged data between the internet of things (IoT) devices are not adequately secured due to resource constraints on IoT devices. Attribute‐based encryption is a promising cryptographic mechanism suitable for distributed environments, providing flexible access control to encrypted data contents. However, it imposes high decryption costs, and does not support access policy update, for highly dynamic environments. This paper presents CUPS, an ABE‐based framework for opportunistic cloud of things applications, that securely outsources data decryption process to edge nodes in order to reduce the computation overhead on the user side. CUPS allows end‐users to offload most of the decryption overhead to an edge node and verify the correctness of the received partially decrypted data from the edge node. Moreover, CUPS provides the access policy update feature with neither involving a proxy‐server, nor re‐encrypting the enciphered data contents and re‐distributing the users' secret keys. The access policy update feature in CUPS does not affect the size of the message received by the end‐user, which reduces the bandwidth and the storage usage. Our comprehensive theoretical analysis proves that CUPS outperforms existing schemes in terms of functionality, communication and computation overheads

PHOABE : securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT

Attribute based encryption (ABE) is an encrypted access control mechanism that ensures efficient data sharing among dynamic group of users. Nevertheless, this encryption technique presents two main drawbacks, namely high decryption cost and publicly shared access policies, thus leading to possible users’ privacy leakage. In this paper, we introduce PHOABE, a Policy-Hidden Outsourced ABE scheme. Our construction presents several advantages. First, it is a multi-attribute authority ABE scheme. Second, the expensive computations for the ABE decryption process is partially delegated to a Semi Trusted Cloud Server. Third, users’ privacy is protected thanks to a hidden access policy. Fourth, PHOABE is proven to be selectively secure, verifiable and policy privacy preserving under the random oracle model. Five, estimation of the processing overhead proves its feasibility in IoT constrained environments

Survey on securing data storage in the cloud

Cloud Computing has become a well-known primitive nowadays; many researchers and companies are embracing this fascinating technology with feverish haste. In the meantime, security and privacy challenges are brought forward while the number of cloud storage user increases expeditiously. In this work, we conduct an in-depth survey on recent research activities of cloud storage security in association with cloud computing. After an overview of the cloud storage system and its security problem, we focus on the key security requirement triad, i.e., data integrity, data confidentiality, and availability. For each of the three security objectives, we discuss the new unique challenges faced by the cloud storage services, summarize key issues discussed in the current literature, examine, and compare the existing and emerging approaches proposed to meet those new challenges, and point out possible extensions and futuristic research opportunities. The goal of our paper is to provide a state-of-the-art knowledge to new researchers who would like to join this exciting new field

Attribute-based encryption with verifiable outsourced decryption

Ministry of Education, Singapore under its Academic Research Funding Tier 1; Singapore Management University; Agency for Science, Technology and Research (A*STAR) SERC Gran