Data Sharing on Untrusted Storage with Attribute-Based Encryption

Storing data on untrusted storage makes secure data sharing a challenge issue. On one hand, data access policies should be enforced on these storage servers; on the other hand, confidentiality of sensitive data should be well protected against them. Cryptographic methods are usually applied to address this issue -- only encrypted data are stored on storage servers while retaining secret key(s) to the data owner herself; user access is granted by issuing the corresponding data decryption keys. The main challenges for cryptographic methods include simultaneously achieving system scalability and fine-grained data access control, efficient key/user management, user accountability and etc. To address these challenge issues, this dissertation studies and enhances a novel public-key cryptography -- attribute-based encryption (ABE), and applies it for fine-grained data access control on untrusted storage. The first part of this dissertation discusses the necessity of applying ABE to secure data sharing on untrusted storage and addresses several security issues for ABE. More specifically, we propose three enhancement schemes for ABE: In the first enhancement scheme, we focus on how to revoke users in ABE with the help of untrusted servers. In this work, we enable the data owner to delegate most computation-intensive tasks pertained to user revocation to untrusted servers without disclosing data content to them. In the second enhancement scheme, we address key abuse attacks in ABE, in which authorized but malicious users abuse their access privileges by sharing their decryption keys with unauthorized users. Our proposed scheme makes it possible for the data owner to efficiently disclose the original key owner\u27s identity merely by checking the input and output of a suspicious user\u27s decryption device. Our third enhancement schemes study the issue of privacy preservation in ABE. Specifically, our proposed schemes hide the data owner\u27s access policy not only to the untrusted servers but also to all the users. The second part presents our ABE-based secure data sharing solutions for two specific applications -- Cloud Computing and Wireless Sensor Networks (WSNs). In Cloud Computing cloud servers are usually operated by third-party providers, which are almost certain to be outside the trust domain of cloud users. To secure data storage and sharing for cloud users, our proposed scheme lets the data owner (also a cloud user) generate her own ABE keys for data encryption and take the full control on key distribution/revocation. The main challenge in this work is to make the computation load affordable to the data owner and data consumers (both are cloud users). We address this challenge by uniquely combining various computation delegation techniques with ABE and allow both the data owner and data consumers to securely mitigate most computation-intensive tasks to cloud servers which are envisaged to have unlimited resources. In WSNs, wireless sensor nodes are often unattendedly deployed in the field and vulnerable to strong attacks such as memory breach. For securing storage and sharing of data on distributed storage sensor nodes while retaining data confidentiality, sensor nodes encrypt their collected data using ABE public keys and store encrypted data on storage nodes. Authorized users are given corresponding decryption keys to read data. The main challenge in this case is that sensor nodes are extremely resource-constrained and can just afford limited computation/communication load. Taking this into account we divide the lifetime of sensor nodes into phases and distribute the computation tasks into each phase. We also revised the original ABE scheme to make the overhead pertained to user revocation minimal for sensor nodes. Feasibility of the scheme is demonstrated by experiments on real sensor platforms

Fourier expansion of light-cone Eisenstein series

In this work we give an explicit formula for the Fourier coefficients of Eisenstein series corresponding to certain arithmetic lattices acting on hyperbolic n+1-space. As a consequence we obtain results on location of all poles of these Eisenstein series as well as their supremum norms. We use this information to get new results on counting rational points on spheres.Comment: 61 pages; corrected a mistake in Theorem 1.5 and various other small improvements in presentatio

Second moment of the light-cone Siegel transform and applications

We study the light-cone Siegel transform, transforming functions on the light cone of a rational indefinite quadratic form $Q$ to a function on the homogenous space $\text{SO}^+_Q(\mathbb{Z})\backslash \text{SO}^+_Q(\mathbb{R})$. In particular, we prove a second moment formula for this transform for forms of signature $(n+1,1)$, and show how it can be used for various applications for counting integer points on the light cone. In particular, we prove some new results on intrinsic Diophantine approximations on ellipsoids as well as on the distribution of values of random linear and quadratic forms on the light cone.Comment: 50 page

Second moments of incomplete Eisenstein series and applications

Thesis advisor: Dubi KelmerWe prove a second moment formula for incomplete Eisenstein series on the homogeneous space Γ\G with G the orientation preserving isometry group of the real (n + 1)-dimensional hyperbolic space and Γ⊂ G a non-uniform lattice. This result generalizes the classical Rogers' second moment formula for Siegel transform on the space of unimodular lattices. We give two applications of this moment formula. In Chapter 5 we prove a logarithm law for unipotent flows making cusp excursions in a non-compact finite-volume hyperbolic manifold. In Chapter 6 we study the counting problem counting the number of orbits of Γ-translates in an increasing family of generalized sectors in the light cone, and prove a power saving estimate for the error term for a generic Γ-translate with the exponent determined by the largest exceptional pole of corresponding Eisenstein series. When Γ is taken to be the lattice of integral points, we give applications to the primitive lattice points counting problem on the light cone for a generic unimodular lattice coming from SO₀(n+1,1)(ℤ\SO₀(n+1,1).Thesis (PhD) — Boston College, 2018.Submitted to: Boston College. Graduate School of Arts and Sciences.Discipline: Mathematics

Quantitative Diophantine approximation with congruence conditions

In this short paper we prove a quantitative version of the Khintchine-Groshev Theorem with congruence conditions. Our argument relies on a classical argument of Schmidt on counting generic lattice points, which in turn relies on a certain variance bound on the space of lattices