Cryptanalysis of Cloud based computing

Transcription

1 Cryptanalysis of Cloud based computing COMP 4109 Elom Tsiagbey

2 Overview Introduction Recent threats to cloud computing Key Management models Conclusion Proposed key management model

3 What is Cloud Computing? Shared resources, software, and data provided to computers and other devices as a service over a network

4 How safe is the cloud? In 2008, Heartland Payments hacked to steal 100 million credit card information In 2009, Zeus keylogger Trojan found on Amazon cloud linked to $100 million bank fraud In 2011, Sony PlayStation network hacked to gain sensitive data of 77 million subscribers stored in Amazon s EC2 Cloud

5 How is Encryption and Key Management handled?

6 Leading Key Management models Key management through a centralized cloud service Key management through a trusted client-side authority Key management through the use of automatic data re-encryption

7 Centralized cloud service key management Based on Identity Based Encryption (IBE) Cloud is central authority and manages a single key store servicing users. Cloud acts as an authenticator with the help of Controller based on Access Control List Data on the cloud is divided into data partitions that are each encrypted with a different key

8 Centralized Key Management Bilinear Maps Let G1, G2, and GT be groups of the same order p A bilinear map from G1 x G2 to GT is a function e : G1 G2 GT such that for all u G1, v G2, a, b e(ua, vb) = e(u, v)ab

9 Centralized Key Management Key generation Public Key Generator (PKG) is the Cloud Provider which specifies: Group generator, g produces groups G and F of prime order q Bilinear pairing, e : G x G F Random hash functions, H 1 and H 2 H 1 : {0,1}* G H 2 : F {0,1} l, where l is the length of the plaintext Random master secret key SK M Z* q A public master key, PK M is then calculated from SK M and shared with all users PK M = SK M x g PKG also shares the key-related parameters G, F, H 1, H 2 and PK M to the authorized user set.

10 Centralized Key Management Encryption Alice obtains PK M from the cloud provider Suppose A wants to share a particular data partition in the cloud, Alice also requests global identifier ID P for that partition Alice then encrypts her message, m {0,1) l into ciphertext, C p using combinations of PK M, ID P and a random integer, r. U = rg V = H 2 (e(q ID, PK M ) r ) m where Q ID = H 1 (ID P ) Alice then uploads the ciphertext, C P = (U,V) to the cloud provider.

11 Centralized Key Management Decryption Bob authenticates with the cloud provider and requests secret key SK P to a data partition. SK P = SK M x Q ID where Q ID = H 1 (ID P ) Bob then downloads the message and decrypts it using SK P obtained above M = V H 2 (e(sk P, U))

12 Centralized Key Management Recap

13 Centralized Key Management Benefits Relatively straight forward Communication between just the cloud provider and user. No additional networks required. Unnecessary and expensive pre-distribution of authenticated keys is avoided as the cloud generates the keys

14 Centralized Key Management Challenges Trust - Cloud generates and stores all private keys hence has the ability to decrypt all data Cloud based authenticator is critical point of failure if attacked or power failure. Eg. Twitter outage in Feb 2008 Clients data compromised through law enforcement or court order without knowledge/consent Lot s of computational tasks (key generation, authentication, key requests)

15 Multi-level Key management Key store is managed by users which are segmented into groups A trusted intermediary called a manager is responsible for user authentication within each group. Using ACL to verify group membership Managers are dissociated from the cloud. A dedicated directory stores the key parameters used to generate secret keys. This aids a readier dissemination to users

16 Multi-level Key Management Key Generation The Manager constructs an Access Control Polynomial A(x), where = secret key assigned to each member in group UP h(ski, r)= hash function with random integer, r A public polynomial key P(x) is then calculated from a random group key SKP P(x) = A(x) + SKP For eg. Alice, A and Bob, B in group UP with secret keys(issued by manager) SKA and SKB PUP(x) = (x-h(ska, r))(x-h(skb, r)) + SKP Manager then uploads the tuple (r, PUP(x)), representing the key parameters, to the cloud and stores it in the public directory

17 Multi-level Key Management Encryption Alice has access to data partition, P and reads the tuple from it Alice then generates the partition access key. SK P by computing the hash function of her own secret key SKA and substituting it into the public polynomial SK P = P UP (h(sk A, r)) Alice then encrypts the message with SK P, authenticates with the cloud and stores the ciphertext in partition P

18 Multi-level Key Management Decryption Bob generates the partition access key, SK P, using the same approach as Alice SK P = P UP (h(sk B, r)) Bob authenticates himself, downloads the ciphertext and decrypts it using SK P

19 Multi-level Key Management Key re-generation Assume 3 rd user, Charlie, joins group U P, a new, modified ACP, A (x) is created A (x) = A(x) (x-h(sk C, r)) P UP (x) = A (x) + SK P New tuple (r, P UP (x)) is uploaded to cloud. A and B are already in possession of SK P hence they don t need to obtain tuple above Suppose C leaves the group U P. A new random group key, S K P and integer r is selected P UP (x) = A (x) + S K P New tuple (r, P UP (x)) is uploaded to cloud. The manager needs to re-encrypt all existing data for new authorized users to gain access using S K P

20 Multi-level key management Benefits Trusted managers that are outside of the cloud domain manage the keys Each manager handles authentication for a limited set of users hence communication with the cloud is reduced Use of symmetric keys allows users to perform quicker encryption operations on cloud data Efficiently handles changes in group membership through parameter directory

21 Multi-level key management Challenges Origin and authenticity of message cannot be guaranteed Does not cater for re-encryption of data when a user s access rights are revoked

22 Conclusion Proposed key model A new key management model is proposed The highly scalable cloud is leveraged to perform required re-encryption task The manager still exists in the scenario, playing the role of key coordinator to current users and the secret group key is never shared with the cloud. A re-encryption key based on the latest version of private partition key is generated by the manager and provided to the cloud for re-encryption

23 References