R-PEKS: RBAC Enabled PEKS for Secure Access of Cloud Data

In the recent past, few works have been done by combining attribute-based access control with multi-user PEKS, i.e., public key encryption with keyword search. Such attribute enabled searchable encryption is most suitable for applications where the changing of privileges is done once in a while. However, to date, no efficient and secure scheme is available in the literature that is suitable for these applications where changing privileges are done frequently. In this paper our contributions are twofold. Firstly, we propose a new PEKS scheme for string search, which, unlike the previous constructions, is free from bi-linear mapping and is efficient by 97% compared to PEKS for string search proposed by Ray et.al in TrustCom 2017. Secondly, we introduce role based access control (RBAC) to multi-user PEKS, where an arbitrary group of users can search and access the encrypted files depending upon roles. We termed this integrated scheme as R-PEKS. The efficiency of R-PEKS over the PEKS scheme is up to 90%. We provide formal security proofs for the different components of R-PEKS and validate these schemes using a commercial dataset

A SURVEY ON CRYPTOGRAPHIC CLOUD STORAGE WITH KEY AGGREGATE SEARCHABLE ENCRYPTION

Cloud is a new way to store large amount of data. In cloud computing, data owners host their data on cloud servers and users can access the data from cloud servers. By data outsourcing, users can be relieved from the burden of local data storage and maintenance. Cloud storage has emerged as a promising solution for providing ubiquitous, convenient, and on-demand accesses to large amounts of data shared over the Internet.Considering the practical problem of privacy preserving data sharing system based on public cloud storage which requires a data owner to distribute a large number of keys to users to enable them to access his/her documents, we for the first time propose the concept of key-aggregate searchable encryption (KASE) and construct a concrete KASE scheme. Both analysis and evaluation results confirm that our work can provide an effective solution to building practical data sharing system based on public cloud storage

Sharing of Data Using Key Aggregation and Searchable Encryption

Sharing data with different users is an important functionality of the cloud. However, while enjoying the convenience provided by the cloud storage, user’s main concern is regarding the data leakage present in cloud. A promising approach to prevent this is encryption of data before uploading onto cloud. The desire to selectively and securely share documents with any group of users demands different documents to have different encryption keys. This necessitates the distribution of a large number of keys to users for both encryption and search, those users will have to securely store these keys, and submit an equally large number of keyword trapdoors to the cloud in order to perform search. In this paper, we resolve this problem by extending the concept of Key Aggregate Searchable Encryption (KASE) scheme which employs a single aggregate key and a single trapdoor. Here, the data owner only needs to distribute a single key to a user for sharing a large number of documents, and the user only needs to submit a single trapdoor to the cloud for querying the documents. Also, we provide a functionality of selection of keyword based on their rank by the Data owner in such a way that the selected keywords describe the file. Thus, this scheme makes the management of the keys efficient and also makes the sharing of documents over the cloud more secure

Optimal and Efficient Searchable Encryption with Single Trapdoor for Multi-Owner Data Sharing in Federated Cloud Computing

Cloud computing, an Internet based computing model, has changed the way of data owners store and manage data. In such environment, data sharing is very important with more efficient data access control. Issuing an aggregate key to users on data enables and authorizes them to search for data of select encrypted files using trapdoor or encrypted keyword. The existing schemes defined for this purpose do have certain limitations. For instance, Cui et al. scheme is elegant but lacks in flexibility in access control in presence of multiple data owners sharing data to users. Its single trapdoor approach needs transformation into individual trapdoors to access data of specific data owner. Moreover, the existing schemes including that of Cui et al. does not support federated cloud.  In this paper we proposed an efficient key aggregate searchable encryption scheme which enables multiple featuressuch as support for truly single aggregate key to access data of many data owners, federated cloud support,query privacy, controlled search process and security against cross-pairing attack. It has algorithms for setup, keygen, encrypt, extract, aggregate, trapdoor, test and federator. In multi-user setting it is designed to serve data owners and users with secure data sharing through key aggregate searchable encryption The proposed scheme supports federated cloud. Experimental results revealed that the proposed scheme is provably secure withrelatively less computational overhead and time complexity when compared with the state of the art

Multi-Key Searchable Encryption, Revisited

We consider a setting where users store their encrypted documents on a remote server and can selectively share documents with each other. A user should be able to perform keyword searches over all the documents she has access to, including the ones that others shared with her. The contents of the documents, and the search queries, should remain private from the server. This setting was considered by Popa et al. (NSDI \u2714) who developed a new cryptographic primitive called Multi-Key Searchable Encryption (MKSE), together with an instantiation and an implementation within a system called Mylar, to address this goal. Unfortunately, Grubbs et al. (CCS \u2716) showed that the proposed MKSE definition fails to provide basic security guarantees, and that the Mylar system is susceptible to simple attacks. Most notably, if a malicious Alice colludes with the server and shares a document with an honest Bob then the privacy of all of Bob\u27s search queries is lost. In this work we revisit the notion of MKSE and propose a new strengthened definition that rules out the above attacks. We then construct MKSE schemes meeting our definition. We first give a simple and efficient construction using only pseudorandom functions. This construction achieves our strong security definition at the cost of increasing the server storage overhead relative to Mylar, essentially replicating the document each time it is shared. We also show that high server storage overhead is not inherent, by giving an alternate (albeit impractical) construction that manages to avoid it using obfuscation

Multi-User Dynamic Searchable Symmetric Encryption with Corrupted Participants

We study the problem of multi-user dynamic searchable symmetric encryption (DMUSSE) where a data owner stores its encrypted documents on an untrusted remote server and wishes to selectively allow multiple users to access them by issuing keyword search queries. Specifically, we consider the case where some of the users may be corrupted and colluding with the server to extract additional information about the dataset (beyond what they have access to). We provide the first formal security definition for the dynamic setting as well as forward and backward privacy definitions. We then propose μSE, the first provably secure DMUSSE scheme and instantiate it in two versions, one based on oblivious data structures and one based on update queues, with different performance trade-offs. Furthermore, we extend μSE to support verifiability of results. To achieve this, users need a secure digest initially computed by the data owner and changed after every update. We efficiently accommodate this, without relying on a trusted third party, by adopting a blockchain-based approach for the digests’ dissemination and deploy our schemes over the permissioned Hyperledger Fabric blockchain. We prototype both versions and experimentally evaluate their practical performance, both as stand-alone systems and running on top of Hyperledger Fabric

Highly Scalable and Secure Mobile Applications in Cloud Computing Systems

Cloud computing provides scalable processing and storage resources that are hosted on a third-party provider to permit clients to economically meet real-time service demands. The confidentiality of client data outsourced to the cloud is a paramount concern since the provider cannot necessarily be trusted with read access to voluminous sensitive client data. A particular challenge of mobile cloud computing is that a cloud application may be accessed by a very large and dynamically changing population of mobile devices requiring access control. The thesis addresses the problems of achieving efficient and highly scalable key management for resource-constrained users of an untrusted cloud, and also of preserving the privacy of users. A model for key distribution is first proposed that is based on dynamic proxy re-encryption of data. Keys are managed inside the client domain for trust reasons, computationally-intensive re-encryption is performed by the cloud provider, and key distribution is minimized to conserve communication. A mechanism manages key evolution for a continuously changing user population. Next, a novel form of attribute-based encryption is proposed that authorizes users based on the satisfaction of required attributes. The greater computational load from cryptographic operations is performed by the cloud provider and a trusted manager rather than the mobile data owner. Furthermore, data re-encryption may be optionally performed by the cloud provider to reduce the expense of user revocation. Another key management scheme based on threshold cryptography is proposed where encrypted key shares are stored in the cloud, taking advantage of the scalability of storage in the cloud. The key share material erodes over time to allow user revocation to occur efficiently without additional coordination by the data owner; multiple classes of user privileges are also supported. Lastly, an alternative exists where cloud data is considered public knowledge, but the specific information queried by a user must be kept private. A technique is presented utilizing private information retrieval, where the query is performed in a computationally efficient manner without requiring a trusted third-party component. A cloaking mechanism increases the privacy of a mobile user while maintaining constant traffic cost

Toward practical and private online services

Today's common online services (social networks, media streaming, messaging, email, etc.) bring convenience. However, these services are susceptible to privacy leaks. Certainly, email snooping by rogue employees, email server hacks, and accidental disclosures of user ratings for movies are some sources of private information leakage. This dissertation investigates the following question: Can we build systems that (a) provide strong privacy guarantees to the users, (b) are consistent with existing commercial and policy regimes, and (c) are affordable? Satisfying all three requirements simultaneously is challenging, as providing strong privacy guarantees usually necessitates either sacrificing functionality, incurring high resource costs, or both. Indeed, there are powerful cryptographic protocols---private information retrieval (PIR), and secure two-party computation (2PC)---that provide strong guarantees but are orders of magnitude more expensive than their non-private counterparts. This dissertation takes these protocols as a starting point and then substantially reduces their costs by tailoring them using application-specific properties. It presents two systems, Popcorn and Pretzel, built on this design ethos. Popcorn is a Netflix-like media delivery system, that provably hides, even from the content distributor (for example, Netflix), which movie a user is watching. Popcorn tailors PIR protocols to the media domain. It amortizes the server-side overhead of PIR by batching requests from the large number of concurrent users retrieving content at any given time; and, it forms large batches without introducing playback delays by leveraging the properties of media streaming. Popcorn is consistent with the prevailing commercial regime (copyrights, etc.), and its per-request dollar cost is 3.87 times that of a non-private system. The other system described in this dissertation, Pretzel, is an email system that encrypts emails end-to-end between senders and intended recipients, but allows the email service provider to perform content-based spam filtering and targeted advertising. Pretzel refines a 2PC protocol. It reduces the resource consumption of the protocol by replacing the underlying encryption scheme with a more efficient one, applying a packing technique to conserve invocations of the encryption algorithm, and pruning the inputs to the protocol. Pretzel's costs, versus a legacy non-private implementation, are estimated to be up to 5.4 times for the email provider, with additional but modest client-side requirements. Popcorn and Pretzel have fundamental connections. For instance, the cryptographic protocols in both systems securely compute vector-matrix products. However, we observe that differences in the vector and matrix dimensions lead to different system designs. Ultimately, both systems represent a potentially appealing compromise: sacrifice some functionality to build in strong privacy properties at affordable costs.Computer Science