# Enforcing Role-Based Access Control for Secure Data Storage in the Cloud

Save this PDF as:

Size: px
Start display at page:

Download "Enforcing Role-Based Access Control for Secure Data Storage in the Cloud"

## Transcription

6 168 L. Zhou et al. h be the generator of G 1 and G 2 respectively and v =ê(g h). Solving the (PQRf) GDDHE problem consists given g g γ...g γ 2n hh γ...h γ 2n (g P(x 1...x n ) h Q(x 1...x n ) v R(x 1...x n ) ) and K G T in deciding whether K is equal to ê(g h) f(x 1...x n ) or some random element of G T. 4. OUR RBE SCHEME In this section we propose our hybrid RBE scheme and the scheme is designed as follows: Setup (λ): Generate three groups G 1 G 2 G T and an bilinear map ê : G 1 G 2 G T. Choose random generators g G 1 and h G 2 a random value t Z p two secret values s k Z p and select two hash functions H 1 :{ 1} Z p H 2 : G T Z p. The master secret key mk and system public key pk are defined as mk = (skg) pk = (wvyg k hh s...h sq ) where w = g s v =ê(g h) y = g t and q is the maximum number of involved users and roles. CreateRole (mk ID R ): To create a role with identity ID R where {ID R1...ID Rm } are the identities of all the predecessor roles of role R the role manager RM first outputs an empty role user list RUL and chooses a random secret value r Z p. Then RM computes K = v r W = w r and sends K to GA via a secure channel. After receiving K GA first generates the role secret sk R s+h sk R = g 1 (ID R ) and computes the role public parameters as A = h (s+h 1(ID R )) m i=1 (s+h 1 (ID Ri )) B = A k S = sk R y k y H2(K) s+h = g 1 (ID R ) +t(k+h 2(K)). CreateUser (mk ID U ): When a user with identity ID U is added to the system GA simply computes the user secret dk U = g 1/(s+H 1(ID U )) and gives dk U to the user U. AddUser (pk pub Ri N ID Uk ):A user U k with identity ID Uk wishes to join the role R i and assume that R i already has a set N of n users where U k / N. RM first computes V i = h r i (s+h 1 (ID Uk )) n j=1 (s+h 1 (ID Uj )). Then RM adds ID Uk into RUL and outputs the role public information (ID Ri A i B i W i V i S i RUL). Encrypt (pk pub Rx M): Assume that the owner of the message M G T wants to encrypt M for the role R x.given 1 1 pk = (wvyg k hh s...h sm ) the owner randomly picks z Z p and computes C 1 = w z C 2 = y z C 3 = A z x C 4 = M v z. The owner outputs the ciphertext C = C 1 C 2 C 3 C 4. Decrypt (pk pub Ri dk Uk C): Assume role R x has a set R of predecessor roles and the set M = R x R has m roles {R 1...R m }. R i R is one predecessor role of R x and there is a set N of n users {U 1...U n } in R i and the user U k N who is entitled to the role R i wants to decrypt the message M. U k computes ( M = C 4 ê(c 1 h pim(s) )ê(c 2 B x )ê ( )) 1/ Si mj=1j =i H 1 (ID Rj ) y C H 2(K i ) 3 where K i = (ê(dk Uk V i ) ê(w i h p kn (s) )) 1/ n j=1j =k H 1 (ID Uj ) and p im (s) = 1 m m s (s + H 1 (ID Rj )) (H 1 (ID Rj )) p kn (s) = 1 s j=1j =i n j=1j =k (s + H 1 (ID Uj )) j=1j =i n j=1j =k (H 1 (ID Uj )). RevokeUser (pk pub R N ID U ): To revoke a user U k from a role R i which has a set N of n users and U k N. The role manager RM first removes ID Uk from role user list RUL and chooses a random value r i Z p. Then RM computes K i = vr i W i = w r i V i = h r i n j=1j =k (s+h 1 (ID Uj )) and sends K i to GA via a secure channel. Suppose {R 1...R m } are all the existing roles in the system GA then chooses a random secret value t Z p computes y = g t S j = g 1/(s+H 1(ID Rj ))+t (k+h 2 (K j )) 1 j m and publishes all these values. The role public information now changes to (ID Ri A i B i W i V i S i RUL). Correctness: To check the correctness of the scheme now we show that M = M. Assume that dk Uk is a valid decryption key The Computer Journal Vol. 54 No

7 for identity ID Uk of user U k in the system and U k is the member of role ID R which the message was encrypted to. First we look into the computation of K i : K i =ê(dk Uk V i ) ê(w i h p kn (s) ) =ê(g 1/(s+H 1(ID Uk )) h r nj=1 i (s+h 1 (ID Uj )) ) ê(w r i h p kn (s) ) =ê(g h) r i nj=1j =k (s+h 1 (ID Uj )) ê(g h) r i s p kn (s) =ê(g h) r i n j=1j =k H 1 (ID Uj ). Then we have Next we verify: K i = (K i )1/ n j=1j =k H 1 (ID Uj ) =ê(g h) r i = v r i. Enforcing Role-Based Access Control in the Cloud 1681 K =ê(c 1 h p im(s) ) ê(c 2 B x ) ê(s i y H 2(K i ) C 3 ) Thus we have =ê(g zs h p im(s) ) ê(g zt h k m j=1 (s+h 1 (ID Rj )) ) ê(g 1/(s+H 1(ID Ri ))+kt h z m j=1 (s+h 1 (ID Rj )) ) =ê(g h) zs p im(s)+1/(s+h 1 (ID Ri )) z m j=1 (s+h 1 (ID Rj )) =ê(g h) z m j=1j =i H 1 (ID Rj ). M = C 4 (K ) 1/ m j=1j =i H 1 (ID Rj ) = Mv z ê(g h) z = M. In the earlier-mentioned scheme the owner of the message is able to specify a role R and encrypts the message M to this role. Only this role R and the roles that are predecessors of the role R can decrypt the message with their role secrets or randomized role secrets. For an individual role the randomized role secret is encrypted in such a way that only the users in the role have the ability to decrypt the randomized role secret and therefore are able to recover the message M. Clearly a user who cannot decrypt the randomized role secret cannot learn anything about the content of the message. Note that the encryption has been split into separate levels. The role manager can add new users without changing the randomized role secret which means that new users will be able to decrypt the message that was encrypted before he/she was assigned to this role and the owner does not need to reencrypt the message. On the other hand when revoking a user a role manager will need to have the GA re-randomize the role secret so that this user cannot use the previous randomized role secret to decrypt messages any more but no other roles will be affected by the changes to this role. Let us now illustrate the scheme using some simple example scenarios Example scenarios In this section we give two small examples to illustrate the proposed RBE scheme (see Fig. 1). FIGURE 1. Hierarchical RBAC. In Fig. 1a the role R 1 is the predecessor role of role R 2 and the role R 2 is the predecessor role of role R 3. GA generates role public parameters pub Ri for each role where pub Ri contain the identities of all the predecessor roles. When a user (owner of data) wishes to encrypt a message M for role R 3 pub R3 will be used as the public key. Since pub R3 includes the identities of R 1 and R 2 the message M is also encrypted for role R 1 and R 2. When a user U 1 in role R 1 wants to decrypt the message he/she only needs to use the user decryption key dk U1 and the public parameters pub R1 of role R 1 to decrypt the ciphertext. In this case when the role manager wants to assign the role to a new user RM only needs to update the pub R1. Figure 1b illustrates a situation whereby the role R 1 is the predecessor role of two roles R 2 and R 3 and both R 2 and R 3 are predecessor roles of the role R 4. Firstly GA generates role public parameters for each role. Note that pub R4 will have the information for the identities of R 1 R 2 and R 3. Whenever a user encrypts a message M for role R 4 all the users in R 1 R 2 and R 3 will be able to decrypt the message. Here we can see that the size of pub R4 remains constant regardless of the number of roles that inherit from it. When adding a new role to the system or removing an old role only the successor roles will be affected. In Fig. 1b if GA wants to remove R 3 from the hierarchical structure only the pub R4 will need to be updated and R 1 and R 2 will not be affected. Returning to our healthcare scenario assumealice is a patient who wants to store her health record in an online personal health record (PHR) cloud server so that she can easily share the information with other people she chooses. Now let us assume that Alice wishes to allow her doctors to access her PHR but not the nurses in the practice. In our hybrid RBE scheme we first create the roles for Doctor and Nurse and each role public key contains an encrypt form randomized role secret that can The Computer Journal Vol. 54 No

10 1684 L. Zhou et al. CreateRole (mk ID R ): Same as in the original RBE scheme. CreateUser (mk ID U ): Same as in the original RBE scheme. AddUser (pk sk Ri N ID Uk ): Same as in the original RBE scheme. Encrypt (pk pub R M): Assume that the owner of the message M { 1} n wants to encrypt M for the role R x.given pk = (wvyg k hh s...h sm ) the owner randomly picks δ G T sets z = H 3 (δ M) and computes C 1 = w z C 2 = y z C 3 = A x z C 4 = δ v z. The owner outputs the ciphertext TABLE 1. Comparison of schemes. Our scheme [2] [7] [11] Ciphertext length O(1) O(n) O(n) O(m) Encryption complexity O(1) O(1) O(n) O(n) Decryption complexity O(n) O(1) O(n) O(n) Computation round(s) 1 m m 1 in decryption Users revocation Yes Yes Yes No Users affected in a revocation n n C = C 1 C 2 C 3 C 4 H 4 (δ) M. Decrypt (pk pub R dk Uk C): Let C = C 1 C 2 C 3 C 4 C 5 be a ciphertext. The user first computes δ as in the original scheme and then computes M = C 5 H 4 (δ) RevokeUser (pk sk R N ID U ): Same as in the original RBE scheme Scheme efficiency Our scheme has several distinct advantages compared with the schemes that are earlier mentioned in the Related Work in Section Size of ciphertext and decryption key Our scheme has constant-size ciphertext and decryption key. That is the size of the ciphertext and decryption key is independent of the number of roles and users in the system and it will not increase when new roles are created or more users join the system. These are significant features when it comes to development of large-scale systems. In comparison for the schemes given in [2 7] the size of the ciphertext is linearly proportional to the number of users which make these schemes inefficient in practical systems where there can be a large number of users. Furthermore in these schemes when a user has multiple roles multiple copies of the keys or ciphertexts are required for a single user in every role while in our scheme no matter how many roles that a user have the size of keys and ciphertexts remain constant. The scheme in [11] has reduced the size of the ciphertext to be linearly proportional to the depth of the role hierarchy. However their scheme is not able to deal with user revocation and the ciphertext size is still not constant User management The schemes mentioned in the Related Work in Section 2 all assume the existence of a single trusted party who manages the role memberships of the users. In this case this single trusted party needs to verify the qualification of the user whenever a role wishes to add a new user. However in the real world whether a user is entitled to a role or not is usually decided by different entities who are responsible for validating the users qualifications for different roles. In our scheme the role memberships of the users are no longer decided by a single trusted party. Instead they are controlled by role managers who could be different for each role. This is more natural and reflects the situation in practice.a role manager can add or revoke a user without having to gain admissions from other parties including the trusted party. As mentioned earlier in our scheme a role manager RM can exclude the user from accessing future encrypted data. In [11] once the user obtains the decryption key the manager cannot revoke the user s permission even if the user does not qualify for the role as the decryption relies on the hierarchical structure of the roles. Unless the predecessor roles have changed the user can always decrypt the messages. In addition when a user has been excluded in our scheme the other users of the same role will not be affected. In the scheme described in [2] as the key structure had been constructed based on the access matrix when a user is removed from the access matrix the key management structure needs to be updated as well. This in turn will change the keys of all the other users. In the scheme [7] as the ciphertext is associated with the hierarchical structure the system parameters need to be re-generated every time a user s permission is revoked which results in all the other users having to update their keys. In our scheme when a user is excluded we can see that only the roles need to update their public information Computations Table 1 shows a comparison of our scheme with the other schemes in [2 7 11]. The Table assumes that there are n users of the same role and there are m roles between the role of the user and the specified role for the encryption in the role hierarchical structure. The decryption algorithm in our scheme only requires one round of computation while in [2 7] the user needs to compute the secrets of all the roles (nodes) that are on the path from the entitled role to the target one in the policy tree. The Computer Journal Vol. 54 No

11 Enforcing Role-Based Access Control in the Cloud 1685 As shown in Table 1 though the scheme in [2] is computationally more efficient in terms of decryption the complexity of role creation user grant and revocation operations is linearly proportional to the number of authorized users. This makes the scheme not scalable in practice. Moreover the number of computation rounds in decryption is linearly proportional to the number of roles in between in the role hierarchical structure. However our scheme with its constant size ciphertext and decryption key is more efficient for large scale systems and the decryption only requires one computation round. Comparing our scheme to the other two schemes in [7 11] our scheme has similar performance but has constant size ciphertext and decryption key. Furthermore our scheme also supports dynamic user revocation while the other two schemes do not. Effective dynamic user revocation is a fundamental requirement in most practical systems. 6. DISCUSSION In this section we briefly consider some aspects that can be optimized in the implementation of the proposed RBE scheme Preventing malicious cloud provider When an owner of the data wants to encrypt private data he/she needs to obtain the system public parameters w v pk and role public information A R pub R from the cloud in order to run the Encrypt algorithm. This process can be susceptible to a man-in-the-middle attack because a malicious cloud provider can return the pub R of another role R instead of the real pub R of the role R that the owner wants to encrypt the private data with. If this is done then the malicious cloud provider will be able to reveal the content of data without the knowledge of the owner. In order to prevent this kind of attack we propose the following: first we make the GA return system parameters w v together with the decryption key to the user while executing the CreateUser algorithm. Then we let GA sign the value A R under the identity of role R using an appropriate ID-based signature scheme (e.g. [22 23]) and return the signature sig(a R ID R ) along with A R. Upon receiving A R in running the Encrypt algorithm the owner should verify the signature corresponding to the identity of the role which he/she wants to encrypt the private data to before sending the ciphertext to the cloud. If the verification fails it means that the value A R is not the public information of the specified role R and the owner should not use it to encrypt the data Decrypting previously generated messages After executing the RevokeUser algorithm in our RBE scheme the role public information pub R is updated to prevent the excluded user from decrypting any future messages. However the Decrypt algorithm uses pub R which means the messages encrypted before executing RevokeUser algorithm cannot be decrypted even by the existing users of the role because the pub R used to decrypt the previously generated messages has been replaced. We can allow for this and enable decryption of previously generated messages in our RBE scheme by simply creating the indices for the ciphertext C and role public information pub R. When RM runs the AddUser or RevokeUser algorithm to create or update pub R the algorithm will create a unique index for pub R and insert it in the cloud rather than replacing the previous pub R. When an owner of the data is encrypting the private data the Encrypt algorithm can be modified to attach the index of the latest version pub R to the ciphertext C. When a user wants to decrypt a ciphertext C he/she can ask the cloud provider to return the ciphertext C and pub R of the role. The cloud provider can easily choose and return the corresponding pub R according to the index included in the ciphertext C. Moreover the role public information s update in RevokeUser algorithm requires the changes in the public parameter S of all the roles in the system and it could be inefficient when there is a large number of roles. However this work can be delegated to a trust authority by GA without giving out the master secret. Such an approach is being addressed as part of the implementation of the scheme Optimizing decryption strategy In our RBE scheme let us assume that m is the number of predecessor roles of a specific role and assume that there are n users in the same role with the user who runs the Decrypt algorithm. The Decrypt algorithm requires the expansion of two polynomials of m + 1 and n + 1 degrees respectively. This calculation could be time-consuming if m and n are very large numbers. We note that these two polynomials remain the same in the decryption of two different messages if the identities of roles and users are not changed. Therefore in the implementation the user can keep these values as auxiliary information to help with decrypting messages. These values only need to be re-calculated when the predecessor roles of the specific role are changed or the permission is revoked from another user in the same role. In addition the user needs the system public pk = (wvg k hh s...h sq ) to calculate the expansion of the polynomials which is inefficient in practice because downloading the pk every time could cost network traffic if q is a very large number. We can then utilize the computing power of the cloud to do the polynomial expansion because calculating them does not require any secret values and the cloud only needs to return the result of the polynomial expansion to the user which can markedly simplify the work for the user as well. More precisely in the decryption algorithm the user in role R 1 wants to decrypt the message that is encrypted to role R 2 and The Computer Journal Vol. 54 No

12 1686 L. Zhou et al. R 1 inherits all the permissions of R 2. When the user retrieves the ciphertext from the cloud the cloud computes the value of h p im(s) and h p kn (s) for the user and returns them to the user. This user can keep two auxiliary values (Aux R Aux U ) where Aux R = h p im(s) Aux U = H 2 (K i ). If a user wants to decrypt other messages that are encrypted to role R 2 in future Aux R can be reused in Decrypt algorithm and user only needs to ask the cloud to re-calculate the value when one or more predecessor roles of R 2 are changed. Similarly user can reuse Aux U to decrypt any future messages and Aux U only needs to be re-calculated when one or more users are excluded from R 1. This caching strategy can improve the decryption performance substantially as the user only needs to compute three pairings most of the time Implementation issues In this subsection we briefly discuss some issues related to the implementation. After the users have been given the decryption keys (when they join the system) the users should take the responsibility to store their secret keys safely. If a user s secret key is revealed to others other parties will have the ability to decrypt any data on behalf of the actual user. If a user discovers that his/her secret key has been revealed to other users he/she should report this to all appropriate role managers immediately and request that this user s identity be excluded from the role. Before a user is included into a role the role manager will need to authenticate the user so that the role manager can be convinced that the user qualifies for the role. We have not considered the authentication mechanisms in this paper; we have assumed that such mechanisms exist and assume that the role manager will assign the role only to the qualified users in the system. In our scheme the cloud platform is only used for storage purposes. The encryption and decryption computations do not occur in the cloud; hence the original private data from the owner and the secret key of a user will not be given to the cloud. Even if the cloud may be involved in the decryption algorithm the computations in the cloud will not involve any secret values from either the owners or the users. In our RBE scheme the system public pk is stored publicly in the cloud and can be retrieved by any user who has access to the cloud to encrypt the data. However in the case where a user needs to identify the original source of the data we can simply employ an ID-based digital signature scheme (e.g. [22 23]) and have the owner sign the ciphertext. Then the ciphertext can be stored along with its signature. When a user wants to decrypt the ciphertext he/she will need to verify the signature to check if the ciphertext is correctly signed by the owner from whom the user is expecting the data. 7. CONCLUDING REMARKS In this paper we have considered security requirements for storage of information in the cloud and proposed a hybrid RBE scheme that combines role-based access control with encryption to address them. We have constructed a specific RBE scheme using the BE scheme described in [1]. We have conducted security analysis of our scheme and have given proofs to show that our scheme is secure against adaptive attack and revocable- ID attack. We have discussed the performance and efficiency of our scheme and have compared it with other previously related work. We have shown that our scheme has several superior characteristics such as constant size ciphertext and decryption key efficient user revocation and user management and the ability to handle role hierarchies. We have also considered some aspects that can be optimized to achieve efficient implementation. We believe that the proposed scheme is suitable for large scale systems especially in the context of achieving user-centric secure information storage in a cloud computing environment. To provide further administrative convenience and scalability we are currently developing an administrative model for our RBE scheme. REFERENCES [1] Delerablée C. (27) Identity-based Broadcast Encryption with Constant Size Ciphertexts and Private Keys. ASIACRYPT Kuching Malaysia December 2 6 pp Springer Berlin. [2] Vimercati S. Foresti S. Jajodia S. Paraboschi S. and Samarati P. (27) Over-encryption: Management of Access Control Evolution on Outsourced Data. VLDB University of Vienna Austria September pp ACM New York. [3] Zych A. Petkovic M. and Jonker W. (28) Efficient key management for cryptographically enforced access control. Comput. Stand. Interfaces [4] Blundo C. Cimato S. di Vimercati S.D.C. Santis A.D. Foresti S. Paraboschi S. and Samarati P. (29) Efficient Key Management for Enforcing Access Control in Outsourced Scenarios. SEC Pafos Cyprus May 18 2 pp Springer Berlin. [5] Atallah M.J. Frikken K.B. and Blanton M. (25) Dynamic and Efficient Key Management for Access Hierarchies. ACM Conf. Computer and Communications Security Alexandria VA USA November 7 11 pp ACM New York. [6] Goyal V. Pandey O. Sahai A. and Waters B. (26) Attributebased Encryption for Fine-grained Access Control of Encrypted Data. ACM Conf. Computer and Communications Security AlexandriaVA USA October 3 November 3 pp ACM New York. [7] Bethencourt J. SahaiA. and Waters B. (27) Ciphertext-policy Attribute-based Encryption. IEEE Symp. Security and Privacy Oakland CA USA May 2 23 pp IEEE Computer Society Los Alamitos. The Computer Journal Vol. 54 No

13 Enforcing Role-Based Access Control in the Cloud 1687 [8] Cheung L. and Newport C.C. (27) Provably Secure Ciphertext PolicyAbe. ACM Conf. Computer and Communications Security Alexandria VA USA October pp ACM New York. [9] Ibraimi L. Tang Q. Hartel P.H. and Jonker W. (29) Efficient and Provable Secure Ciphertext-policy Attributebased Encryption Schemes. ISPEC Xi an China April pp Springer Berlin. [1] Emura K. Miyaji A. Nomura A. Omote K. and Soshi M. (29) A Ciphertext-policy Attribute-based Encryption Scheme with Constant Ciphertext Length. ISPEC Xi an China April Lecture Notes in Computer Science 5451 pp Springer Berlin. [11] Zhu Y. Ahn G.-J. Hu H. and Wang H. (21) Cryptographic Role-based Security Mechanisms Based on Role-key Hierarchy. ASIACCS Beijing China April pp ACM New York. [12] Fiat A. and Naor M. (1993) Broadcast Encryption. CRYPTO Santa Barbara CA USA August pp Springer New York. [13] Garay J.A. Staddon J. and Wool A. (2) Long-lived Broadcast Encryption. CRYPTO Santa Barbara CA USA August 2 24 pp Springer New York. [14] Halevy D. and Shamir A. (22) The LSD Broadcast Encryption Scheme. CRYPTO Santa Barbara CA USA August pp Springer New York. [15] Boneh D. Gentry C. and Waters B. (25) Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys. CRYPTO Santa Barbara CA USA August pp Springer New York. [16] Shamir A. (1985) Identity-based Cryptosystems and Signature Schemes. Proc. CRYPTO 84 on Advances in Cryptology Santa Barbara CA USA August pp Springer New York. [17] Delerablée C. Paillier P. and Pointcheval D. (27) Fully Collusion Secure Dynamic Broadcast Encryption with Constant- Size Ciphertexts or Decryption Keys. Pairing Tokyo Japan July 2 4 pp Springer Berlin. [18] Boneh D. and Hamburg M. (28) Generalized Identity Based and Broadcast Encryption Schemes. ASIACRYPT Melbourne Australia December 7 11 pp Springer Berlin. [19] Hu L. Liu Z. and Cheng X. (21) Efficient identity-based broadcast encryption without random oracles. J. Comput [2] Boneh D. Boyen X. and Goh E.-J. (25) Hierarchical Identity Based Encryption with Constant Size Ciphertext. EURO- CRYPT Aarhus Denmark May pp Springer Berlin. [21] Fujisaki E. and Okamoto T. (1999) Secure Integration of Asymmetric and Symmetric Encryption Schemes. CRYPTO Santa Barbara CA USA August pp Springer New York. [22] Hess F. (22) Efficient Identity Based Signature Schemes Based on Pairings. Selected Areas in Cryptography St. John s Newfoundland Canada August pp Springer Berlin. [23] Cha J.C. and Cheon J.H. (23) An Identity-based Signature from Gap Diffie Hellman Groups. Public Key Cryptography Miami FL USA January 6 8 pp Springer Berlin. The Computer Journal Vol. 54 No

### Secure Role-Based Access Control on Encrypted Data in Cloud Storage using Raspberry PI

Volume: 2, Issue: 7, 20-27 July 2015 www.allsubjectjournal.com e-issn: 2349-4182 p-issn: 2349-5979 Impact Factor: 3.762 Miss Rohini Vidhate Savitribai Phule Pune University. Mr. V. D. Shinde Savitribai

### Identity-Based Encryption from the Weil Pairing

Appears in SIAM J. of Computing, Vol. 32, No. 3, pp. 586-615, 2003. An extended abstract of this paper appears in the Proceedings of Crypto 2001, volume 2139 of Lecture Notes in Computer Science, pages

### Role Based Encryption with Efficient Access Control in Cloud Storage

Role Based Encryption with Efficient Access Control in Cloud Storage G. V. Bandewar 1, R. H. Borhade 2 1 Department of Information Technology, Sinhgad Technical Education Society s SKNCOE, Pune, India

### MESSAGE AUTHENTICATION IN AN IDENTITY-BASED ENCRYPTION SCHEME: 1-KEY-ENCRYPT-THEN-MAC

MESSAGE AUTHENTICATION IN AN IDENTITY-BASED ENCRYPTION SCHEME: 1-KEY-ENCRYPT-THEN-MAC by Brittanney Jaclyn Amento A Thesis Submitted to the Faculty of The Charles E. Schmidt College of Science in Partial

### Implementation of Role Based Access Control on Encrypted Data in Hybrid Cloud

Implementation of Role Based Access Control on Encrypted Data in Hybrid Cloud Gajanan Ganorkar, Prof. A.B. Deshmukh, Prof M.D.Tambhakhe Information Technology Email:g.ganorkar7691@gmail.com Contact: 8600200142

### Verifiable Outsourced Computations Outsourcing Computations to Untrusted Servers

Outsourcing Computations to Untrusted Servers Security of Symmetric Ciphers in Network Protocols ICMS, May 26, 2015, Edinburgh Problem Motivation Problem Motivation Problem Motivation Problem Motivation

### Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage

Expressive, Efficient, and Revocable Data Access Control for Multi-Authority Cloud Storage Abstract: Cloud computing is one of the emerge technologies. To protect the data and privacy of users the access

### Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment

Secure Group Oriented Data Access Model with Keyword Search Property in Cloud Computing Environment Chih Hung Wang Computer Science and Information Engineering National Chiayi University Chiayi City 60004,

### Key Privacy for Identity Based Encryption

Key Privacy for Identity Based Encryption Internet Security Research Lab Technical Report 2006-2 Jason E. Holt Internet Security Research Lab Brigham Young University c 2006 Brigham Young University March

### Time-Based Proxy Re-encryption Scheme for Secure Data Sharing in a Cloud Environment

Time-Based Proxy Re-encryption Scheme for Secure Data Sharing in a Cloud Environment Qin Liu a,b, Guojun Wang a,, Jie Wu b a School of Information Science and Engineering Central South Uversity Changsha,

### Certificate Based Signature Schemes without Pairings or Random Oracles

Certificate Based Signature Schemes without Pairings or Random Oracles p. 1/2 Certificate Based Signature Schemes without Pairings or Random Oracles Joseph K. Liu, Joonsang Baek, Willy Susilo and Jianying

### Identity-based Encryption with Efficient Revocation

A preliminary version of this paper appears in Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2008, ACM Press, 2008. This is the full version. Identity-based Encryption

### EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE

EFFICIENT AND SECURE ATTRIBUTE REVOCATION OF DATA IN MULTI-AUTHORITY CLOUD STORAGE Reshma Mary Abraham and P. Sriramya Computer Science Engineering, Saveetha University, Chennai, India E-Mail: reshmamaryabraham@gmail.com

### Introduction. Digital Signature

Introduction Electronic transactions and activities taken place over Internet need to be protected against all kinds of interference, accidental or malicious. The general task of the information technology

### New Efficient Searchable Encryption Schemes from Bilinear Pairings

International Journal of Network Security, Vol.10, No.1, PP.25 31, Jan. 2010 25 New Efficient Searchable Encryption Schemes from Bilinear Pairings Chunxiang Gu and Yuefei Zhu (Corresponding author: Chunxiang

### Secure Attribute Based Mechanism through Access cipher policy in Outsourced Cloud Data

Secure Attribute Based Mechanism through Access cipher policy in Outsourced Cloud Data V.Abinaya PG Scholar Kalasalingam Institute of Technology Krishnankoil. V.Ramesh Assistant professor Kalasalingam

### Chapter 23. Database Security. Security Issues. Database Security

Chapter 23 Database Security Security Issues Legal and ethical issues Policy issues System-related issues The need to identify multiple security levels 2 Database Security A DBMS typically includes a database

### Cryptography. Identity-based Encryption. Jean-Sébastien Coron and David Galindo. May 15, 2014. Université du Luxembourg

Identity-based Encryption Université du Luxembourg May 15, 2014 Summary Identity-Based Encryption (IBE) What is Identity-Based Encryption? Difference with conventional PK cryptography. Applications of

### Keywords: Authentication, Third party audit, cloud storage, cloud service provider, Access control.

Volume 5, Issue 3, March 2015 ISSN: 2277 128X International Journal of Advanced Research in Computer Science and Software Engineering Research Paper Available online at: www.ijarcsse.com Identity Based

### Cryptanalysis of Cloud based computing

Cryptanalysis of Cloud based computing COMP 4109 Elom Tsiagbey Overview Introduction Recent threats to cloud computing Key Management models Conclusion Proposed key management model What is Cloud Computing?

### Categorical Heuristic for Attribute Based Encryption in the Cloud Server

Categorical Heuristic for Attribute Based Encryption in the Cloud Server R. Brindha 1, R. Rajagopal 2 1( M.E, Dept of CSE, Vivekanandha Institutes of Engineering and Technology for Women, Tiruchengode,

### Lecture 9 - Message Authentication Codes

Lecture 9 - Message Authentication Codes Boaz Barak March 1, 2010 Reading: Boneh-Shoup chapter 6, Sections 9.1 9.3. Data integrity Until now we ve only been interested in protecting secrecy of data. However,

### Data management using Virtualization in Cloud Computing

Data management using Virtualization in Cloud Computing A.S.R. Krishna Kanth M.Tech (CST), Department of Computer Science & Systems Engineering, Andhra University, India. M.Sitha Ram Research Scholar Department

### Secure and Verifiable Policy Update Outsourcing for Big Data Access Control in the Cloud

1 Secure and Verifiable Policy Update Outsourcing for Big Data Access Control in the Cloud Kan Yang Associate Member IEEE Xiaohua Jia Fellow IEEE Kui Ren Senior Member IEEE Abstract Due to the high volume

### Network Security. Computer Networking Lecture 08. March 19, 2012. HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest

### Anonymity and Time in Public-Key Encryption

Anonymity and Time in Public-Key Encryption Elizabeth Anne Quaglia Thesis submitted to the University of London for the degree of Doctor of Philosophy Information Security Group Department of Mathematics

### Comments on "public integrity auditing for dynamic data sharing with multi-user modification"

University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers Faculty of Engineering and Information Sciences 2016 Comments on "public integrity auditing for dynamic

### An Introduction to Identity-based Cryptography CSEP 590TU March 2005 Carl Youngblood

An Introduction to Identity-based Cryptography CSEP 590TU March 2005 Carl Youngblood One significant impediment to the widespread adoption of public-key cryptography is its dependence on a public-key infrastructure

### 1 Message Authentication

Theoretical Foundations of Cryptography Lecture Georgia Tech, Spring 200 Message Authentication Message Authentication Instructor: Chris Peikert Scribe: Daniel Dadush We start with some simple questions

### Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption

Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption Ronald Cramer Victor Shoup December 12, 2001 Abstract We present several new and fairly practical public-key

### Fuzzy Identity-Based Encryption

Fuzzy Identity-Based Encryption Janek Jochheim June 20th 2013 Overview Overview Motivation (Fuzzy) Identity-Based Encryption Formal definition Security Idea Ingredients Construction Security Extensions

### Secure and Efficient Data Retrieval Process based on Hilbert Space Filling Curve

Secure and Efficient Data Retrieval Process based on Hilbert Space Filling Curve N.S. Jeya karthikka PG Scholar Sri Ramakrishna Engg Collg S.Bhaggiaraj Assistant Professor Sri Ramakrishna Engg Collg V.Sumathy

### Chosen-Ciphertext Security from Identity-Based Encryption

Chosen-Ciphertext Security from Identity-Based Encryption Dan Boneh Ran Canetti Shai Halevi Jonathan Katz Abstract We propose simple and efficient CCA-secure public-key encryption schemes (i.e., schemes

### CIS 5371 Cryptography. 8. Encryption --

CIS 5371 Cryptography p y 8. Encryption -- Asymmetric Techniques Textbook encryption algorithms In this chapter, security (confidentiality) is considered in the following sense: All-or-nothing secrecy.

### Outsourcing the Decryption of ABE Ciphertexts

Outsourcing the Decryption of ABE Ciphertexts Matthew Green and Susan Hohenberger Johns Hopkins University Brent Waters UT Austin Background A problem Securing records in a data-sharing environment E.g.,

### Efficient File Sharing in Electronic Health Records

Efficient File Sharing in Electronic Health Records Clémentine Gritti, Willy Susilo and Thomas Plantard University of Wollongong, Australia 27/02/2015 1/20 Outline for Section 1 1 Introduction 2 Solution

Family Name:... First Name:... Section:... Advanced Cryptography Final Exam July 18 th, 2006 Start at 9:15, End at 12:00 This document consists of 12 pages. Instructions Electronic devices are not allowed.

### Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm

Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm Twinkle Graf.F 1, Mrs.Prema.P 2 1 (M.E- CSE, Dhanalakshmi College of Engineering, Chennai, India) 2 (Asst. Professor

### Threshold Identity Based Encryption Scheme without Random Oracles

WCAN 2006 Threshold Identity Based Encryption Scheme without Random Oracles Jin Li School of Mathematics and Computational Science Sun Yat-sen University Guangzhou, P.R. China Yanming Wang Lingnan College

### An Efficient Security Based Multi Owner Data Sharing for Un-Trusted Groups Using Broadcast Encryption Techniques in Cloud

An Efficient Security Based Multi Owner Data Sharing for Un-Trusted Groups Using Broadcast Encryption Techniques in Cloud T.Vijayalakshmi 1, Balika J Chelliah 2,S.Alagumani 3 and Dr.J.Jagadeesan 4 1 PG

### Lecture 17: Re-encryption

600.641 Special Topics in Theoretical Cryptography April 2, 2007 Instructor: Susan Hohenberger Lecture 17: Re-encryption Scribe: Zachary Scott Today s lecture was given by Matt Green. 1 Motivation Proxy

### Identity-based Encryption with Post-Challenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks

Identity-based Encryption with Post-Challenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks Tsz Hon Yuen - Huawei, Singapore Ye Zhang - Pennsylvania State University, USA Siu Ming

### Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

UT DALLAS Erik Jonsson School of Engineering & Computer Science Overview of Cryptographic Tools for Data Security Murat Kantarcioglu Pag. 1 Purdue University Cryptographic Primitives We will discuss the

### Lecture 2 August 29, 13:40 15:40

Lecture 2 August 29, 13:40 15:40 Public-key encryption with keyword search Anonymous identity-based encryption Identity-based encryption with wildcards Public-key encryption with keyword search & anonymous

### Verifiable Delegation of Computation over Large Datasets

Verifiable Delegation of Computation over Large Datasets Siavosh Benabbas University of Toronto Rosario Gennaro IBM Research Yevgeniy Vahlis AT&T Cloud Computing Data D Code F Y F(D) Cloud could be malicious

### Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

Network Security Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross 8-1 Public Key Cryptography symmetric key crypto v requires sender, receiver know shared secret

### Lecture 10: CPA Encryption, MACs, Hash Functions. 2 Recap of last lecture - PRGs for one time pads

CS 7880 Graduate Cryptography October 15, 2015 Lecture 10: CPA Encryption, MACs, Hash Functions Lecturer: Daniel Wichs Scribe: Matthew Dippel 1 Topic Covered Chosen plaintext attack model of security MACs

### Identity based cryptography

Identity based cryptography The case of encryption schemes David Galindo d.galindo@cs.ru.nl Security of Systems Department of Computer Science Radboud Universiteit Nijmegen Identity based cryptography

### CryptographicallyEnforced

Cryptographically CryptographicallyEnforced Enforced RBAC RBAC Georg Fuchsbauer (IST Austria) 27 June 2013, CSF joint work with Anna Lisa Ferrara and Bogdan Warinschi (University of Bristol) Overview Cryptographically

### Attributed-based Access Control for Multi-Authority Systems in Cloud Storage

2012 32nd IEEE International Conference on Distributed Computing Systems Attributed-based Access Control for Multi-Authority Systems in Cloud Storage Kan Yang Department of Computer Science City University

### ON MULTI-AUTHORITY CIPHERTEXT-POLICY ATTRIBUTE-BASED ENCRYPTION

Bull. Korean Math. Soc. 46 (2009), No. 4, pp. 803 819 DOI 10.4134/BKMS.2009.46.4.803 ON MULTI-AUTHORITY CIPHERTEXT-POLICY ATTRIBUTE-BASED ENCRYPTION Sascha Müller, Stefan Katzenbeisser, and Claudia Eckert

### 1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6.

1 Digital Signatures A digital signature is a fundamental cryptographic primitive, technologically equivalent to a handwritten signature. In many applications, digital signatures are used as building blocks

### Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Network Security Gaurav Naik Gus Anderson, Philadelphia, PA Lectures on Network Security Feb 12 (Today!): Public Key Crypto, Hash Functions, Digital Signatures, and the Public Key Infrastructure Feb 14:

### Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

### Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records

Patient Controlled Encryption: Ensuring Privacy of Electronic Medical Records Josh Benaloh, Melissa Chase, Eric Horvitz, and Kristin Lauter Microsoft Research Redmond, WA, USA {benaloh,melissac,horvitz,klauter}@microsoft.com

### CSC474/574 - Information Systems Security: Homework1 Solutions Sketch

CSC474/574 - Information Systems Security: Homework1 Solutions Sketch February 20, 2005 1. Consider slide 12 in the handout for topic 2.2. Prove that the decryption process of a one-round Feistel cipher

### 3-6 Toward Realizing Privacy-Preserving IP-Traceback

3-6 Toward Realizing Privacy-Preserving IP-Traceback The IP-traceback technology enables us to trace widely spread illegal users on Internet. However, to deploy this attractive technology, some problems

### CS 758: Cryptography / Network Security

CS 758: Cryptography / Network Security offered in the Fall Semester, 2003, by Doug Stinson my office: DC 3122 my email address: dstinson@uwaterloo.ca my web page: http://cacr.math.uwaterloo.ca/~dstinson/index.html

### An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud

An Efficient and Secure Data Sharing Framework using Homomorphic Encryption in the Cloud Sanjay Madria Professor and Site Director for NSF I/UCRC Center on Net-Centric Software and Systems Missouri University

### SECURITY IN NETWORKS

SECURITY IN NETWORKS GOALS Understand principles of network security: Cryptography and its many uses beyond confidentiality Authentication Message integrity Security in practice: Security in application,

### CP-ABE Based Encryption for Secured Cloud Storage Access

International Journal of Scientific & Engineering Research, Volume 3, Issue 9, September-2012 1 CP-ABE Based Encryption for Secured Cloud Storage Access B. Raja Sekhar,B. Sunil Kumar, L. Swathi Reddy,

### Secure cloud access system using JAR ABSTRACT:

Secure cloud access system using JAR ABSTRACT: Cloud computing enables highly scalable services to be easily consumed over the Internet on an as-needed basis. A major feature of the cloud services is that

### Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

### Data Sharing on Untrusted Storage with Attribute-Based Encryption

Data Sharing on Untrusted Storage with Attribute-Based Encryption by Shucheng Yu A Dissertation Submitted to the Faculty of the WORCESTER POLYTECHNIC INSTITUTE In partial fulfillment of the requirements

### CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION

CLOUD COMPUTING SECURITY IN UNRELIABLE CLOUDS USING RELIABLE RE-ENCRYPTION Chandrala DN 1, Kulkarni Varsha 2 1 Chandrala DN, M.tech IV sem,department of CS&E, SVCE, Bangalore 2 Kulkarni Varsha, Asst. Prof.

### Distributed Attribute Based Encryption for Patient Health Record Security under Clouds

Distributed Attribute Based Encryption for Patient Health Record Security under Clouds SHILPA ELSA ABRAHAM II ME (CSE) Nandha Engineering College Erode Abstract-Patient Health Records (PHR) is maintained

### Semi-Trusted Authentication for Health Data in Cloud

JOURNAL OF COMPUTER SCIENCE AND ENGINEERING Semi-Trusted Authentication for Health Data in Cloud Rajeswari.M 1, Anjelin Lilly Jasmine.P 2, V.Komaladevi 3, K.Monika 4 1 Assistant professor, 2,3,4 Students,

### A New Generic Digital Signature Algorithm

Groups Complex. Cryptol.? (????), 1 16 DOI 10.1515/GCC.????.??? de Gruyter???? A New Generic Digital Signature Algorithm Jennifer Seberry, Vinhbuu To and Dongvu Tonien Abstract. In this paper, we study

MACs Message authentication and integrity Foundations of Cryptography Computer Science Department Wellesley College Table of contents Introduction MACs Constructing Secure MACs Secure communication and

### CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

### Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Network Security (2) CPSC 441 Department of Computer Science University of Calgary 1 Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate

### Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data

Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data Vipul Goyal Omkant Pandey Amit Sahai Brent Waters Abstract As more sensitive data is shared and stored by third-party sites

### Journal of Electronic Banking Systems

Journal of Electronic Banking Systems Vol. 2015 (2015), Article ID 614386, 44 minipages. DOI:10.5171/2015.614386 www.ibimapublishing.com Copyright 2015. Khaled Ahmed Nagaty. Distributed under Creative

### A NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA

A NOVEL APPROACH FOR MULTI-KEYWORD SEARCH WITH ANONYMOUS ID ASSIGNMENT OVER ENCRYPTED CLOUD DATA U.Pandi Priya 1, R.Padma Priya 2 1 Research Scholar, Department of Computer Science and Information Technology,

### Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a

### Scalable and secure sharing of data in cloud computing using attribute based encryption

Volume :2, Issue :4, 416-420 April 2015 www.allsubjectjournal.com e-issn: 2349-4182 p-issn: 2349-5979 Impact Factor: 3.762 Ghodake Shubhangi Joshi Priyanka Khobragade Pranjali Chandak Manjiri Scalable

### Lecture 3: One-Way Encryption, RSA Example

ICS 180: Introduction to Cryptography April 13, 2004 Lecturer: Stanislaw Jarecki Lecture 3: One-Way Encryption, RSA Example 1 LECTURE SUMMARY We look at a different security property one might require

### Final Exam. IT 4823 Information Security Administration. Rescheduling Final Exams. Kerberos. Idea. Ticket

IT 4823 Information Security Administration Public Key Encryption Revisited April 5 Notice: This session is being recorded. Lecture slides prepared by Dr Lawrie Brown for Computer Security: Principles

### Security Aspects of. Database Outsourcing. Vahid Khodabakhshi Hadi Halvachi. Dec, 2012

Security Aspects of Database Outsourcing Dec, 2012 Vahid Khodabakhshi Hadi Halvachi Security Aspects of Database Outsourcing Security Aspects of Database Outsourcing 2 Outline Introduction to Database

### Lecture 5 - CPA security, Pseudorandom functions

Lecture 5 - CPA security, Pseudorandom functions Boaz Barak October 2, 2007 Reading Pages 82 93 and 221 225 of KL (sections 3.5, 3.6.1, 3.6.2 and 6.5). See also Goldreich (Vol I) for proof of PRF construction.

### Ch.9 Cryptography. The Graduate Center, CUNY.! CSc 75010 Theoretical Computer Science Konstantinos Vamvourellis

Ch.9 Cryptography The Graduate Center, CUNY! CSc 75010 Theoretical Computer Science Konstantinos Vamvourellis Why is Modern Cryptography part of a Complexity course? Short answer:! Because Modern Cryptography

### encryption Presented by NTU Singapore

A survey on identity based encryption Presented by Qi Saiyu NTU Singapore Outline Introduction of public key encryption Identitybased encryption (IBE) Hierarchical identity based encryption (HIBE) Before

### CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

### SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD

SECURITY ENHANCEMENT OF GROUP SHARING AND PUBLIC AUDITING FOR DATA STORAGE IN CLOUD S.REVATHI B.HASEENA M.NOORUL IZZATH PG Student PG Student PG Student II- ME CSE II- ME CSE II- ME CSE Al-Ameen Engineering

### Security System in Cloud Computing for Medical Data Usage

, pp.27-31 http://dx.doi.org/10.14257/astl.2013.38.06 Security System in Cloud Computing for Medical Data Usage Maya Louk 1, Hyotaek Lim 2, Hoon Jae Lee 3 1 Department of Ubiquitous IT, Graduate School

### Attribute-Based Cryptography. Lecture 21 And Pairing-Based Cryptography

Attribute-Based Cryptography Lecture 21 And Pairing-Based Cryptography 1 Identity-Based Encryption 2 Identity-Based Encryption In PKE, KeyGen produces a random (PK,SK) pair 2 Identity-Based Encryption

### Chapter 11. Asymmetric Encryption. 11.1 Asymmetric encryption schemes

Chapter 11 Asymmetric Encryption The setting of public-key cryptography is also called the asymmetric setting due to the asymmetry in key information held by the parties. Namely one party has a secret

### Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment

Sharing Of Multi Owner Data in Dynamic Groups Securely In Cloud Environment Deepa Noorandevarmath 1, Rameshkumar H.K 2, C M Parameshwarappa 3 1 PG Student, Dept of CS&E, STJIT, Ranebennur. Karnataka, India

### Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring

Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring Eli Biham Dan Boneh Omer Reingold Abstract The Diffie-Hellman key-exchange protocol may naturally be extended to k > 2

### Democratic Group Signatures on Example of Joint Ventures

Democratic Group Signatures on Example of Joint Ventures Mark Manulis Horst-Görtz Institute Ruhr-University of Bochum D-44801, Germany EMail: mark.manulis@rub.de Abstract. In the presence of economic globalization

### RSA Attacks. By Abdulaziz Alrasheed and Fatima

RSA Attacks By Abdulaziz Alrasheed and Fatima 1 Introduction Invented by Ron Rivest, Adi Shamir, and Len Adleman [1], the RSA cryptosystem was first revealed in the August 1977 issue of Scientific American.

### Chapter 2 Taxonomy and Classification of Access Control Models for Cloud Environments

Chapter 2 Taxonomy and Classification of Access Control Models for Cloud Environments Abhishek Majumder, Suyel Namasudra and Samir Nath Abstract Cloud computing is an emerging and highly attractive technology

### Module 7 Security CS655! 7-1!

Module 7 Security CS655! 7-1! Issues Separation of! Security policies! Precise definition of which entities in the system can take what actions! Security mechanism! Means of enforcing that policy! Distributed

### Lecture 25: Pairing-Based Cryptography

6.897 Special Topics in Cryptography Instructors: Ran Canetti and Ron Rivest May 5, 2004 Lecture 25: Pairing-Based Cryptography Scribe: Ben Adida 1 Introduction The field of Pairing-Based Cryptography

### Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate

### IEEE Draft P1363.3. Identity Based Public Key Cryptography Based On Pairings. Daniel Schliebner. 14. Dezember 2009

Identity Based Public Key Cryptography Based On Pairings 14. Dezember 2009 Gliederung Introduction Identity Based Encryption The Protocol Security Of The Protocol Discussion About The Headline Identity

### Database Security. The Need for Database Security

Database Security Public domain NASA image L-1957-00989 of people working with an IBM type 704 electronic data processing machine. 1 The Need for Database Security Because databases play such an important

### Secure Computation Without Authentication

Secure Computation Without Authentication Boaz Barak 1, Ran Canetti 2, Yehuda Lindell 3, Rafael Pass 4, and Tal Rabin 2 1 IAS. E:mail: boaz@ias.edu 2 IBM Research. E-mail: {canetti,talr}@watson.ibm.com