Energy-efficient secure outsourcing decryption of attribute based encryption for mobile device in cloud computation

This is a copy of the author 's final draft version of an article published in the "Journal of ambient intelligence and humanized computing". The final publication is available at Springer via http://dx.doi.org/10.1007/s12652-017-0658-2In this paper two new ways for efficient secure outsourcing the decryption of key-policy attribute-based encryption (KP-ABE) with energy efficiency are proposed. Based on an observation about the permutation property of the access structure for the attribute based encryption schemes, we propose a high efficient way for outsourcing the decryption of KP-ABE, which is suitable for being used in mobile devices. But it can only be used for the ABE schemes having tree-like access structure for the self-enclosed system. The second way is motivated from the fact that almost all the previous work on outsourcing the decryption of KP-ABE cares little about the ciphertext length. Almost all the previous schemes for secure outsourcing the decryption of ABE have linear length ciphertext with the attributes or the policy. But transferring so long ciphertexts via wireless network for mobile phone can easily run out of battery power, therefore it can not be adapted to practical application scenarios. Thus another new scheme for outsourcing the decryption of ABE but with constant-size ciphertexts is proposed. Furthermore, our second proposal gives a new efficient way for secure outsourcing the decryptor’s secret key to the cloud, which need only one modular exponentiation while all the previous schemes need many. We evaluate the efficiency of our proposals and the results show that our proposals are practical.Peer ReviewedPostprint (author's final draft

On the feasibility of attribute-based encryption on Internet of Things devices

Attribute-based encryption (ABE) could be an effective cryptographic tool for the secure management of Internet of Things (IoT) devices, but its feasibility in the IoT has been under-investigated thus far. This article explores such feasibility for well-known IoT platforms, namely, Intel Galileo Gen 2, Intel Edison, Raspberry pi 1 model B, and Raspberry pi zero, and concludes that adopting ABE in the IoT is indeed feasible

PHOABE : securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT

Attribute based encryption (ABE) is an encrypted access control mechanism that ensures efficient data sharing among dynamic group of users. Nevertheless, this encryption technique presents two main drawbacks, namely high decryption cost and publicly shared access policies, thus leading to possible users’ privacy leakage. In this paper, we introduce PHOABE, a Policy-Hidden Outsourced ABE scheme. Our construction presents several advantages. First, it is a multi-attribute authority ABE scheme. Second, the expensive computations for the ABE decryption process is partially delegated to a Semi Trusted Cloud Server. Third, users’ privacy is protected thanks to a hidden access policy. Fourth, PHOABE is proven to be selectively secure, verifiable and policy privacy preserving under the random oracle model. Five, estimation of the processing overhead proves its feasibility in IoT constrained environments

SEM-ACSIT:Secure and Efficient Multiauthority Access Control for IoT Cloud Storage

Data access control in a cloud storage system is regarded as a promising technique for enhanced efficiency and security utilizing a ciphertext-policy attribute-based encryption (CP-ABE) approach. However, due to a large number of data users as well as limited resources and heterogeneity of data devices in Internet of Things (IoT), existing access control schemes for the cloud storage are not effectively applicable to IoT applications. In this article, we construct a new CP-ABE-based storage model for data storing and secure access in a cloud for IoT applications. Our new framework introduces an attribute authority management (AAM) module in the cloud storage system functioned as an agent that provides a user-friendly access control and highly reduces the storage overhead of public keys. Then, we propose a novel secure and efficient multiauthority access control scheme of the cloud storage system for IoT, namely, SEM-ACSIT, which obtains both backward security and forward security when an attribute of a user is revoked. By exploiting encryption outsourcing, simplified key structuring and the AAM module, the computational overhead of a user is immensely decreased. Moreover, a user access control list (UACL) in the cloud server is constructed newly to support authorization access for a specific user. The analysis and simulation results demonstrate that our SEM-ACSIT scheme achieves powerful security with less computational overhead and lower storage costs than the existing schemes

A HYBRIDIZED ENCRYPTION SCHEME BASED ON ELLIPTIC CURVE CRYPTOGRAPHY FOR SECURING DATA IN SMART HEALTHCARE

Recent developments in smart healthcare have brought us a great deal of convenience. Connecting common objects to the Internet is made possible by the Internet of Things (IoT). These connected gadgets have sensors and actuators for data collection and transfer. However, if users' private health information is compromised or exposed, it will seriously harm their privacy and may endanger their lives. In order to encrypt data and establish perfectly alright access control for such sensitive information, attribute-based encryption (ABE) has typically been used. Traditional ABE, however, has a high processing overhead. As a result, an effective security system algorithm based on ABE and Fully Homomorphic Encryption (FHE) is developed to protect health-related data. ABE is a workable option for one-to-many communication and perfectly alright access management of encrypting data in a cloud environment. Without needing to decode the encrypted data, cloud servers can use the FHE algorithm to take valid actions on it. Because of its potential to provide excellent security with a tiny key size, elliptic curve cryptography (ECC) algorithm is also used. As a result, when compared to related existing methods in the literature, the suggested hybridized algorithm (ABE-FHE-ECC) has reduced computation and storage overheads. A comprehensive safety evidence clearly shows that the suggested method is protected by the Decisional Bilinear Diffie-Hellman postulate. The experimental results demonstrate that this system is more effective for devices with limited resources than the conventional ABE when the system’s performance is assessed by utilizing standard model

A Hybrid Multi-user Cloud Access Control based Block Chain Framework for Privacy Preserving Distributed Databases

Most of the traditional medical applications are insecure and difficult to compute the data integrity with variable hash size. Traditional medical data security systems are insecure and it depend on static parameters for data security. Also, distributed based cloud storage systems are independent of integrity computational and data security due to unstructured data and computational memory. As the size of the data and its dimensions are increasing in the public and private cloud servers, it is difficult to provide the machine learning based privacy preserving in cloud computing environment. Block-chain technology plays a vital role for large cloud databases. Most of the conventional block-chain frameworks are based on the existing integrity and confidentiality models. Also, these models are based on the data size and file format. In this model, a novel integrity verification and encryption framework is designed and implemented in cloud environment.  In order to overcome these problems in the cloud computing environment, a hybrid integrity and security-based block-chain framework is designed and implemented on the large distributed databases. In this framework,a novel decision tree classifier is used along with non-linear mathematical hash algorithm and advanced attribute-based encryption models are used to improve the privacy of multiple users on the large cloud datasets. Experimental results proved that the proposed advanced privacy preserving based block-chain technology has better efficiency than the traditional block-chain based privacy preserving systems on large distributed databases

A Practical Framework for Storing and Searching Encrypted Data on Cloud Storage

Security has become a significant concern with the increased popularity of cloud storage services. It comes with the vulnerability of being accessed by third parties. Security is one of the major hurdles in the cloud server for the user when the user data that reside in local storage is outsourced to the cloud. It has given rise to security concerns involved in data confidentiality even after the deletion of data from cloud storage. Though, it raises a serious problem when the encrypted data needs to be shared with more people than the data owner initially designated. However, searching on encrypted data is a fundamental issue in cloud storage. The method of searching over encrypted data represents a significant challenge in the cloud. Searchable encryption allows a cloud server to conduct a search over encrypted data on behalf of the data users without learning the underlying plaintexts. While many academic SE schemes show provable security, they usually expose some query information, making them less practical, weak in usability, and challenging to deploy. Also, sharing encrypted data with other authorized users must provide each document's secret key. However, this way has many limitations due to the difficulty of key management and distribution. We have designed the system using the existing cryptographic approaches, ensuring the search on encrypted data over the cloud. The primary focus of our proposed model is to ensure user privacy and security through a less computationally intensive, user-friendly system with a trusted third party entity. To demonstrate our proposed model, we have implemented a web application called CryptoSearch as an overlay system on top of a well-known cloud storage domain. It exhibits secure search on encrypted data with no compromise to the user-friendliness and the scheme's functional performance in real-world applications.Comment: 146 Pages, Master's Thesis, 6 Chapters, 96 Figures, 11 Table