Key-Aggregate Cryptosystem for Scalable Data Sharing in Clou

Anuradha Ramakrishnan

on 12 May 2014

Transcript of Key-Aggregate Cryptosystem for Scalable Data Sharing in Clou

CSCI 7002 - Computer Security

Cloud Storage
Why Cloud??
Security Issues
Dropbox has become “problem child” of cloud security
A year ago, Dropbox disclosed that all of its users’ files were publicly accessible for nearly four hours due to a bug in the company’s authentication mechanism.

In April, a security hole was discovered in Dropbox’s iOS app, which allowed anyone with physical access to your phone to copy your login credentials — because it stored user login information in unencrypted text files.

Now some user usernames and passwords were stolen “from other websites,” and their accounts accessed.
Cloud Storage

Traditional Approach

Types of Encryption

Various Approaches

Key Aggregate Cryptosystems

Cloud Storage
Types of Encryption
Oldest and best-known technique
Same key used to encrypt and decrypt
Key needs to be stored securely

Uses public and private key
Slower than symmetric
More flexible
Google’s Cloud Platform Gets Improved Hadoop Support With BigQuery And Cloud Datastore Connectors
Amazon Merges Kindle Personal Documents With Cloud Drive
HP Finds Mobile Tax Apps Lacking On Security, Privacy
Traditional Approach
Key Assignment Schemes
Symmetric Key Encryption
IBE with Compact Key
Attribute Based Encryption
Key Aggregate Cryptosystems
Key Assignment Schemes
A method to generate a tree hierarchy of symmetric keys by repeated evaluation of a block cipher on a fixed graph.

The concept can be generalized from a tree to a graph.
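
The tree hierarchy described above, as an added example that is not part of the original presentation: each child key is derived from its parent, so one subtree key covers a contiguous block of classes while scattered classes need one key each. HMAC-SHA256 is swapped in for the block cipher, and the tree depth, root key and function names are assumptions made for illustration.

```python
import hashlib
import hmac

DEPTH = 3                        # constructed tree: 2**3 = 8 leaf classes
ROOT = b"constructed-root-key"   # sample master key, not a real secret

def child_key(parent: bytes, bit: str) -> bytes:
    # One derivation step; HMAC-SHA256 replaces the block-cipher evaluation.
    return hmac.new(parent, bit.encode(), hashlib.sha256).digest()

def node_key(start: bytes, path: str) -> bytes:
    """Walk down from `start`, following a path of '0'/'1' branch bits."""
    key = start
    for bit in path:
        key = child_key(key, bit)
    return key

def leaf_path(index: int) -> str:
    return format(index, f"0{DEPTH}b")

def cover(leaves: set, prefix: str = "") -> list:
    """Fewest tree nodes whose subtrees contain exactly the given leaves."""
    lo = int(prefix.ljust(DEPTH, "0"), 2)
    hi = int(prefix.ljust(DEPTH, "1"), 2)
    wanted = {i for i in leaves if lo <= i <= hi}
    if not wanted:
        return []
    if len(wanted) == hi - lo + 1:   # whole subtree granted: one key suffices
        return [prefix]
    return cover(leaves, prefix + "0") + cover(leaves, prefix + "1")

def delegate(root: bytes, leaves) -> dict:
    """Keys the owner hands out: one per covering node, indexed by its path."""
    return {p: node_key(root, p) for p in cover(set(leaves))}

def derive_leaf(granted: dict, index: int):
    """Delegatee side: derive a leaf key from a granted ancestor, else None."""
    path = leaf_path(index)
    for prefix, key in granted.items():
        if path.startswith(prefix):
            return node_key(key, path[len(prefix):])
    return None

if __name__ == "__main__":
    for wanted in ({0, 1, 2, 3}, {0, 2, 5, 7}):
        print(sorted(wanted), "->", len(delegate(ROOT, wanted)), "key(s)")
```

The number of keys handed out depends on where the shared classes sit in the hierarchy, not only on how many there are.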
Symmetric Key Encryption
Transmitting a large number of keys in a broadcast scenario.

A composite modulus N = p * q is chosen where p and q are two large random primes.

A master-secret key Y is chosen at random

Each class is associated with a distinct prime e_i.

All these prime numbers can be put in the public system parameter.

A constant-size key for set is

IBE with Compact Key
Attribute-Based Encryption
Attribute-based encryption (ABE) allows each ciphertext to be associated with an attribute.

The master-secret key holder can extract a secret key for a policy of these attributes so that a ciphertext can be decrypted by his key if its associated attribute conforms to the policy.
Key Aggregate Cryptosystem
Steps in KAC
Executed by the data owner to set up an account on an untrusted server
It outputs the public system parameter param, which is omitted from the input of the other algorithms

Executed by the data owner to randomly generate a public/master-secret key pair (pk,msk)
Steps in KAC
Executed by the data owner for delegating the decrypting power for a certain set of ciphertext classes to a delegatee.
Input = master-secret key msk and a set S of indices corresponding to different classes
Outputs = aggregate key for set S denoted by K

Executed by a delegatee who received an aggregate key KS generated by Extract.
Input = KS and the set Si, where index i = ciphertext class
Outputs = m if i is an element of S.

To ensure data privacy, a traditional way is to rely on the server to enforce the access control after authentication which means any unexpected privilege escalation will expose all data.

Data from different clients can be hosted on separate virtual machines (VMs) but reside on a single physical machine. Data in a target VM could be stolen by instantiating another VM co-resident with the target one.
Data breaches
A virtual machine could use side-channel timing information to extract private cryptographic keys in use by other VMs on the same server.

Data loss
The prospect of seeing your valuable data disappear into the ether without a trace.

IBE is a public-key encryption scheme in which the public key of a user can be set as an identity string of the user.

A trusted party, the private key generator, holds the master-secret key and issues a secret key to each user with respect to the user's identity.

The encryptor takes the public parameter and a user identity to encrypt the message.

The recipient can decrypt the ciphertext with his secret key.
Comparison between KAC and other schemes
Cloud Storage
Anuradha Ramakrishnan
CSCI 7002 Computer Security
[1] Cheng-Kang Chu, Sherman S.M. Chow, Wen-Guey Tzeng, Jianying Zhou, and Robert H. Deng, “Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 2, February 2014.

[2] L. Hardesty, Secure Computers Aren’t so Secure. MIT press, http://www.physorg.com/news176107396.html, 2009.

[3] C. Wang, S.S.M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy Preserving Public Auditing for Secure Cloud Storage,” IEEE Trans. Computers, vol. 62, no. 2, pp. 362-375, Feb. 2013.

[4] M.J. Atallah, M. Blanton, N. Fazio, and K.B. Frikken, “Dynamic and Efficient Key Management for Access Hierarchies,” ACM Trans. Information and System Security, vol. 12, no. 3, pp. 18:1-18:43, 2009.

[5] J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, “Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records,” Proc. ACM Workshop Cloud Computing Security (CCSW ’09), pp. 103-114, 2009.

[6] F. Guo, Y. Mu, Z. Chen, and L. Xu, “Multi-Identity Single-Key Decryption without Random Oracles,” Proc. Information Security and Cryptology (Inscrypt ’07), vol. 4990, pp. 384-398, 2007.

[7] V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data,” Proc. 13th ACM Conf. Computer and Comm. Security (CCS ’06), pp. 89-98, 2006.
