Download machine learning project of auto encoder for missing values and more Study Guides, Projects, Research Engineering in PDF only on Docsity!
Group data sharing agreement using block design based key in
cloud computing
Abstract —Data sharing in cloud computing enables multiple participants to freely share the group data, which improves the efficiency of work in cooperative environments and has widespread potential applications. However, how to ensure the security of data sharing within a group and how to efficiently share the outsourced data in a group manner are formidable challenges. Note that key agreement protocols have played a very important role in secure and efficient group data sharing in cloud computing. In this paper, by taking advantage of the symmetric balanced incomplete block design (SBIBD), we present a novel block design- based key agreement protocol that supports multiple participants, which can flexibly extend the number of participants in a cloud environment according to the structure of the block design. Based on the proposed group data sharing model, we present general formulas for generating the common conference key K for multiple participants. Note that by benefiting from the (v; k + 1; 1)-block design, the computational complexity of the proposed protocol linearly increases with the number of participants and the communication complexity is greatly reduced. In addition, the fault tolerance property of our protocol enables the group data sharing in cloud computing to withstand different key attacks, which is similar to Yi’s protocol. Keywords —Key agreement protocol, symmetric balanced incomplete block design (SBIBD), data sharing, cloud computing.
1. Introduction Cloud computing and cloud storage have become hot topics in recent decades. Both are changing the way we live and greatly improving production efficiency in some areas. At present, due to limited storage resources and the requirement for convenient access, we prefer to store all types of data in cloud servers, which is also a good option for companies and organizations to avoid the overhead of deploying and maintaining equipment when data are stored locally. The cloud server provides an open and convenient storage platform for individuals and organizations, but it also introduces security problems. For instance, a cloud system may be subjected to attacks from both malicious users and cloud providers. In these scenarios, it is important to ensure the security of the stored data in the cloud. In [1], [2], [3], several schemes were proposed to preserve the privacy of the outsourced data. The above
schemes only considered security problems of a single data owner. However, in some applications, multiple data owners would like to securely share their data in a group manner. Therefore, a protocol that supports secure group data sharing under cloud computing is needed. A key agreement protocol is used to generate a common conference key for multiple participants to ensure the security of their later communications, and this protocol can be applied in cloud computing to support secure and efficient data sharing. Since it was introduced by Diffie-Hellman in their seminal paper [4], the key agreement protocol has become one of the fundamental cryptographic primitives. The basic version of the Diffie- Hellman protocol provides an efficient solution to the problem of creating a common secret key between two participants. In cryptography, a key agreement protocol is a protocol in which two or more parties can agree on a key in such a way that both influence the outcome. By employing the key agreement protocol, the conferees can securely send and receive messages from each other using the common conference key that they agree upon in advance. Specifically, a secure key agreement protocol ensures that the adversary cannot obtain the generated key by implementing malicious attacks, such as eavesdropping. Thus, the key agreement protocol can be widely used in interactive communication environments with high security requirements (e.g., remote board meetings, teleconferences, collaborative workspaces, radio frequency identification [5], cloud computing and so on). The Diffie- Hellman key agreement [4] provides a way to generate keys. However, it does not provide an authentication service, which makes it vulnerable to man in- the-middle attacks. This situation can be addressed by adding some forms of authentication mechanisms to the protocol, as proposed by Law et al. in [6]. In addition, the Diffie-Hellman key agreement can only support two participants. Subsequently, to solve the different key attacks from malicious conferees, who attempt to deliberately delay or destroy the conference, Yi proposed an identity-based fault-tolerant conference key agreement in [7]. Currently, many researches have been devoted to improving the security and communication efficiency of the key agreement protocol, which is covered in the literature [8], [9], [10], [11]. Note that in Chung and Bae’s paper [12] and Lee et al.’s paper [13], block design is utilized in the design of an efficient load balance algorithm to maintain load balancing in a distributed system. Inspired by [12] and [13], we introduce the symmetric balanced incomplete block design (SBIBD) in designing the key agreement protocol to reduce the complexity of communication and computation. As far as we know, the work to design the key agreement protocol with respect to the SBIBD is novel and original.
[13] O. Lee, S. Yoo, B. Park, and I. Chung, “The design and analysis of an efficient load balancing algorithm employing the symmetric balanced incomplete block design.” Information Sciences, vol. 176, no. 15, pp. 2148–2160, 2006. [14] R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, “Searchable symmetric encryption: Improved definitions and efficient constructions,” Journal of Computer Security, vol. 19, no. 5, pp. 79–88, 2011. [15] N. Cao, C. Wang, M. Li, K. Ren, and W. Lou, “Privacy-preserving multi-keyword ranked search over encrypted cloud data,” IEEE Transactions on Parallel and Distributed Systems, vol. 25, no. 1, pp.222–233, 2014. [16] J. Yu, K. Ren, C. Wang, and V. Varadharajan, “Enabling cloud storage auditing with key-exposure resistance,” IEEE Transactions on Information Forensics and Security, vol. 10, no. 6, pp. 1–1, 2015. [17] J. Yu, K. Ren, and C. Wang, “Enabling cloud storage auditing with verifiable outsourcing of key updates,” IEEE Transactions on Information Forensics and Security, vol. 11, no. 6, pp. 1–1, 2016. [18] S. D. C. D. Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati, “Encryption policies for regulating access to outsourced data,” Acm Transactions on Database Systems, vol. 35, no. 2, pp. 78–78, 2010. [19] H. Guo, Z. Li, Y. Mu, and X. Zhang, “Cryptanalysis of simple three-party key exchange protocol,” Computers and Security, vol. 27, no. 1-2, pp. 16–21, 2008. [20] Z. Tan, “An enhanced three-party authentication key exchange protocol for mobile commerce environments,” Journal of Communications, vol. 5, no. 5, pp. 436–443,
[21] Y. M. Tseng, “An efficient two-party identity-based key exchange protocol.” Informatica, vol. 18, no. 1, pp. 125–136, 2007. [22] A. Shamir, “Identity-based cryptosystems and signature schemes,” Lecture Notes in Computer Science, vol. 21, no. 2, pp. 47–53, 1985. [23] E. Bresson, O. Chevassut, D. Pointcheval, and J. J. Quisquater, “Provably authenticated group diffie-hellman key exchange,” Acm Transactions on Information and System Security, vol. 10, no. 3, pp.89–92, 2001. [24] D. R. Stinson, Combinatorial designs: constructions and analysis. Springer Science and Business Media, 2007.
[25] J. Shen, J. Shen, X. Chen, X. Huang, and W. Susilo, “An efficient public auditing protocol with novel dynamic structure for cloud data,” IEEE Transactions on Information Forensics and Security, 2017, doi: 10.1109/TIFS.2017.2705620. [26] B. Lamacchia, K. Lauter, and A. Mityagin, “Stronger security of authenticated key exchange,” in International Conference on Provable Security, 2007, pp. 1–16. [27] O. Hasan, L. Brunie, E. Bertino, and N. Shang, “A decentralized privacy preserving reputation protocol for the malicious adversarial model,” Information Forensics and Security IEEE Transactions on, vol. 8, no. 6, pp. 949–962, 2013. [28] L.-K. Hua, Introduction to number theory. Springer Science and Business Media,
[29] W. Stallings, “Cryptography and network security: Principles and practice,” International Annals of Criminology, vol. 46, no. 4, pp. 121–136, 2008. [30] M. Steiner, G. Tsudik, and M. Waidner, “Key agreement in dynamic peer groups,” IEEE Transactions on Parallel and Distributed Systems, vol. 11, no. 8, pp. 769–780,
