Cost-effective secure e-health cloud system using identity based cryptographic techniques

Nowadays E-health cloud systems are more and more widely employed. However the security of these systems needs more consideration for the sensitive health information of patients. Some protocols on how to secure the e-health cloud system have been proposed, but many of them use the traditional PKI infrastructure to implement cryptographic mechanisms, which is cumbersome for they require every user having and remembering its own public/private keys. Identity based encryption (View the MathML sourceIBE) is a cryptographic primitive which uses the identity information of the user (e.g., email address) as the public key. Hence the public key is implicitly authenticated and the certificate management is simplified. Proxy re-encryption is another cryptographic primitive which aims at transforming a ciphertext under the delegator AA into another ciphertext which can be decrypted by the delegatee BB. In this paper, we describe several identity related cryptographic techniques for securing E-health system, which include new View the MathML sourceIBE schemes, new identity based proxy re-encryption (View the MathML sourceIBPRE) schemes. We also prove these schemes’ security and give the performance analysis, the results show our View the MathML sourceIBPRE scheme is especially highly efficient for re-encryption, which can be used to achieve cost-effective cloud usage.Peer ReviewedPostprint (author's final draft

Reducing HSM Reliance in Payments through Proxy Re-Encryption

Credit and debit-card payments are typically authenticated with PINs. Once entered into a terminal, the PIN is sent as an encrypted \emph{PIN block} across a payments network to the destination bank, which decrypts and verifies the PIN block. Each node in the payments network routes the PIN block to the next node by decrypting the block with its own key, and then re-encrypting the PIN block with the next node\u27s key; nodes establish shared secret keys with their neighbors to do so. This decrypt-then-encrypt operation over PIN blocks is known as \emph{PIN translation}, and it is currently performed in Hardware Security Modules (HSMs) to avoid possible PIN exposure. However, HSMs incur heavy acquisition and operational expenses. Introduced at EUROCRYPT\u2798, proxy re-encryption (PRE) is a cryptographic primitive which can re-encrypt without exposing sensitive data. We perform an extensive study of PRE as applied to PIN translation, and show through formalization, security analysis, and an implementation study that PRE is a practical alternative to HSMs. With PRE, we eliminate the need for HSMs during re-encryption of a PIN, thus greatly reducing the number of HSMs needed by each participant in the payments ecosystem. Along the way we conduct practice-oriented PRE research, with novel theoretical contributions to resolve issues in comparing so-called honest re-encryption to chosen-ciphertext PRE security, and a new efficient PRE scheme achieving a type of chosen-ciphertext security

Efficient and Secure Data Sharing Using Attribute-based Cryptography

La crescita incontrollata di dati prodotti da molte sorgenti, eterogenee e di- namiche, spinge molti possessori di tali dati a immagazzinarli su server nel cloud, anche al fine di condividerli con terze parti. La condivisione di dati su server (possibilmente) non fidati fonte di importanti e non banali questioni riguardanti sicurezza, privacy, confidenzialit e controllo degli accessi. Al fine di prevenire accessi incontrollati ai dati, una tipica soluzione consiste nel cifrare i dati stessi. Seguendo tale strada, la progettazione e la realizzazione di politiche di accesso ai dati cifrati da parte di terze parti (che possono avere differenti diritti sui dati stessi) un compito complesso, che impone la presenza di un controllore fidato delle politiche. Una possibile soluzione l\u2019impiego di un meccanismo per il controllo degli accessi basato su schemi di cifratura attribute-base (ABE ), che permette al possessore dei dati di cifrare i dati in funzione delle politiche di accesso dei dati stessi. Di contro, l\u2019adozione di tali meccanismi di controllo degli accessi presentano due problemi (i) privacy debole: le politiche di accesso sono pubbliche e (ii) inefficienza: le politiche di accesso sono statiche e una loro modifica richiede la ricifratura (o la cifratura multipla) di tutti i dati. Al fine di porre rimedio a tali problemi, il lavoro proposto in questa tesi prende in con- siderazione un particolare schema di cifratura attribute-based, chiamato inner product encryption (IPE, che gode della propriet attribute-hiding e pertanto riesce a proteggere la privatezza delle politiche di accesso) e lo combina con le tecniche di proxy re-encryption, che introducono una maggiore flessibilit ed efficienza. La prima parte di questa tesi discute l\u2019adeguatezza dell\u2019introduzione di un meccanismo di controllo degli accessi fondato su schema basato su inner product e proxy re-encryption (IPPRE ) al fine di garantire la condivisione sicura di dati immagazzinati su cloud server non fidati. Pi specificamente, proponiamo due proponiamo due versioni di IPE : in prima istanza, presentiamo una versione es- tesa con proxy re-encryption di un noto schema basato su inner product [1]. In seguito, usiamo tale schema in uno scenario in cui vengono raccolti e gestiti dati medici. In tale scenario, una volta che i dati sono stati raccolti, le politiche di ac- cesso possono variare al variare delle necessit dei diversi staff medici. Lo schema proposto delega il compito della ricifratura dei dati a un server proxy parzial- mente fidato, che pu trasformare la cifratura dei dati (che dipende da una polit- ica di accesso) in un\u2019altra cifratura (che dipende da un\u2019altra politica di accesso) senza per questo avere accesso ai dati in chiaro o alla chiave segreta utilizzata dal possessore dei dati. In tal modo, il possessore di una chiave di decifratura corrispondente alla seconda politica di accesso pu accedere ai dati senza intera- gire con il possessore dei dati (richiedendo cio una chiave di decifratura associata alla propria politica di accesso). Presentiamo un\u2019analisi relativa alle prestazioni di tale schema implementato su curve ellittiche appartenenti alle classi SS, MNT e BN e otteniamo incoraggianti risultati sperimentali. Dimostriamo inoltre che lo schema proposto sicuro contro attacchi chosen plaintext sotto la nota ipotesi DLIN. In seconda istanza, presentiamo una versione ottimizzata dello schema proposto in precedenza (E-IPPRE ), basata su un ben noto schema basato suinner product, proposto da Kim [2]. Lo schema E-IPPRE proposto richiede un numero costante di operazioni di calcolo di pairing e ci garantisce che gli oggetti prodotti dall esecuzione dello schema (chiavi di decifratura, chiavi pubbliche e le cifrature stesse) sono di piccole rispetto ai parametri di sicurezza e sono efficientemente calcolabili. Testiamo sperimentalmente l\u2019efficienza dello schema proposto e lo proviamo (selettivamente nei confronti degli attributi) sicuro nei confronti di attacchi chosen plaintext sotto la nota ipotesi BDH. In altri termini, lo schema proposto non rivela alcuna informazione riguardante le politiche di accesso. La seconda parte di questa tesi presenta uno schema crittografico per la condivisione sicura dei dati basato su crittografia attribute-based e adatto per scenari basati su IoT. Come noto, il problema principale in tale ambito riguarda le limitate risorse computazionali dei device IoT coinvolti. A tal proposito, proponiamo uno schema che combina la flessibilit di E-IPPRE con l\u2019efficienza di uno schema di cifratura simmetrico quale AES, ottenendo uno schema di cifratura basato su inner product, proxy-based leggero (L-IPPRE ). I risultati sperimentali confermano l\u2019adeguatezza di tale schema in scenari IoT.Riferimenti [1] Jong Hwan Park. Inner-product encryption under standard assumptions. Des. Codes Cryptography, 58(3):235\u2013257, March 2011. [2] Intae Kim, Seong Oun Hwang, Jong Hwan Park, and Chanil Park. An effi- cient predicate encryption with constant pairing computations and minimum costs. IEEE Trans. Comput., 65(10):2947\u20132958, October 2016.With the ever-growing production of data coming from multiple, scattered, and highly dynamical sources, many providers are motivated to upload their data to the cloud servers and share them with other persons for different purposes. However, storing data on untrusted cloud servers imposes serious concerns in terms of security, privacy, data confidentiality, and access control. In order to prevent privacy and security breaches, it is vital that data is encrypted first before it is outsourced to the cloud. However, designing access control mod- els that enable different users to have various access rights to the shared data is the main challenge. To tackle this issue, a possible solution is to employ a cryptographic-based data access control mechanism such as attribute-based encryption (ABE ) scheme, which enables a data owner to take full control over data access. However, access control mechanisms based on ABE raise two chal- lenges: (i) weak privacy: they do not conceal the attributes associated with the ciphertexts, and therefore they do not satisfy attribute-hiding security, and (ii) inefficiency: they do not support efficient access policy change when data is required to be shared among multiple users with different access policies. To address these issues, this thesis studies and enhances inner-product encryption (IPE ), a type of public-key cryptosystem, which supports the attribute-hiding property as well as the flexible fine-grained access control based payload-hiding property, and combines it with an advanced cryptographic technique known as proxy re-encryption (PRE ). The first part of this thesis discusses the necessity of applying the inner- product proxy re-encryption (IPPRE ) scheme to guarantee secure data sharing on untrusted cloud servers. More specifically, we propose two extended schemes of IPE : in the first extended scheme, we propose an inner-product proxy re- encryption (IPPRE ) protocol derived from a well-known inner-product encryp- tion scheme [1]. We deploy this technique in the healthcare scenario where data, collected by medical devices according to some access policy, has to be changed afterwards for sharing with other medical staffs. The proposed scheme delegates the re-encryption capability to a semi-trusted proxy who can transform a dele- gator\u2019s ciphertext associated with an attribute vector to a new ciphertext associ- ated with delegatee\u2019s attribute vector set, without knowing the underlying data and private key. Our proposed policy updating scheme enables the delegatee to decrypt the shared data with its own key without requesting a new decryption key. We analyze the proposed protocol in terms of its performance on three dif- ferent types of elliptic curves such as the SS curve, the MNT curve, and the BN curve, respectively. Hereby, we achieve some encouraging experimental results. We show that our scheme is adaptive attribute-secure against chosen-plaintext under standard Decisional Linear (D-Linear ) assumption. To improve the per- formance of this scheme in terms of storage, communication, and computation costs, we propose an efficient inner-product proxy re-encryption (E-IPPRE ) scheme using the transformation of Kim\u2019s inner-product encryption method [2]. The proposed E-IPPRE scheme requires constant pairing operations for its al- gorithms and ensures a short size of the public key, private key, and ciphertext,making it the most efficient and practical compared to state of the art schemes in terms of computation and communication overhead. We experimentally as- sess the efficiency of our protocol and show that it is selective attribute-secure against chosen-plaintext attacks in the standard model under Asymmetric De- cisional Bilinear Diffie-Hellman assumption. Specifically, our proposed schemes do not reveal any information about the data owner\u2019s access policy to not only the untrusted servers (e.g, cloud and proxy) but also to the other users. The second part of this thesis presents a new lightweight secure data sharing scheme based on attribute-based cryptography for a specific IoT -based health- care application. To achieve secure data sharing on IoT devices while preserving data confidentiality, the IoT devices encrypt data before it is outsourced to the cloud and authorized users, who have corresponding decryption keys, can ac- cess the data. The main challenge, in this case, is on the one hand that IoT devices are resource-constrained in terms of energy, CPU, and memory. On the other hand, the existing public-key encryption mechanisms (e.g., ABE ) require expensive computation. We address this issue by combining the flexibility and expressiveness of the proposed E-IPPRE scheme with the efficiency of symmet- ric key encryption technique (AES ) and propose a light inner-product proxy re-encryption (L-IPPRE ) scheme to guarantee secure data sharing between dif- ferent entities in the IoT environment. The experimental results confirm that the proposed L-IPPRE scheme is suitable for resource-constrained IoT scenar- ios.References [1] Jong Hwan Park. Inner-product encryption under standard assumptions. Des. Codes Cryptography, 58(3):235\u2013257, March 2011. [2] Intae Kim, Seong Oun Hwang, Jong Hwan Park, and Chanil Park. An effi- cient predicate encryption with constant pairing computations and minimum costs. IEEE Trans. Comput., 65(10):2947\u20132958, October 2016