Abstract
The user authenticity with proper identification is a significant challenge where the defects on the authenticity scheme can directly influence the sensitive data over the multi-cloud data (environment). It leads to severe information breaches and data loss over the cloud environment. Thus, a cloud user identity management protocol has to be designed in a secured manner using the proxy-encryption scheme, i.e., proxy transmits a cipher to another with a different encryption key by preserving the plain text secrets. Therefore, the intervention of third-party is avoided efficiently. This research provides an identity management protocol based on a proxy re-encryption scheme, an improved version of the existing identity management protocol, and named Lightweight Proxy re-encryption-based identity management protocol (\(l-\) PEES-IMP). It resolves the computational overhead that occurs during the encryption operation performed by the data owners and decryption due to asymmetric mode. It integrates symmetric and asymmetric encryption to establish secure communication. It is applied over the multi-cloud environment to develop privacy and security among sensitive data to avoid data loss or data breaching. It is also a trustworthy identity protocol for service providers and users. It addresses the problem related to the reliance on a third party, commonly identified in existing identity management protocol. Finally, the evaluation of the proposed PEES-IMP is done with existing ECC, RSA, hybrid model and EIDM, and various metrics to guarantee privacy and security of the data. The simulation is performed using MATLAB environment and shows better outcomes compared to prevailing approaches. This model is flexible which can be adopted practically. The encryption time of \(l-\) PEES-IMP is 0.819 ms, decryption time is 3.872 ms and re-encryption time is 28.18 ms which is better compared to other approaches.
Similar content being viewed by others
References
Ateniese, K., Fu, M.G., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Sec. (TISSEC) 9(1), 1–30 (2006)
Bertino, et al.: Privacy-preserving digital identity management for cloud computing. Bullet. IEEE Comput. Soc. Tech. Committ. Data Eng. 32(1), 21–27 (2009)
Chandran, M. Chase, F. Liu, R. Nishimaki, and K. Kagawa, “Reencryption, functional re-encryption, and multi-hop re-encryption: A framework for achieving obfuscation-based security and instantiations from lattices,” vol. 8383, pp. 95–112, (2014).
Chow, J. Weng, Y. Yang, and R. H. Deng, “Efficient unidirectionalunidirectional proxy re-encryption,” in International Conference on Cryptology in Africa. Springer, (2010), pp. 316–332
Chu and W.-G. Tzeng, “Identity-based proxy re-encryption without random oracles,” in International Conference on Information Security. Springer, (2007), pp. 189–202.
Dey, Weis, S., “PseudoID: Enhancing privacy in federated login,” in Hot Topics in Privacy Enhancing Technologies, (2010), pp. 95–107.
Egorov and Wilkison M., “Nucypher kms: Decentralized key management system.” arXiv: Cryptography and Security, (2017)
Fan and Liu F., “Proxy re-encryption and re-signatures from lattices,” pp. 363–382, (2019).
Fan X., Liu, F. “Proxy re-encryption and re-signatures from lattices,” pp. 363–382, (2019).
Hanna, ``Systems and methods for an incremental, reversible and decentralized biometric identity management system,'' U.S. Patent 10 078 758 B1, Sep. 18, (2018).
He GE, “An Anonymous Authentication Scheme for Identification Card “, Int. Conf on information and communication security, pp. 238–248, (2006).
Khalil, A.K., Azeem, M.: Consolidated identity management system for secure mobile cloud computing. Comput. Netw. 65(2), 99–110 (2014)
Kim, S., Lee, I.: IoT device security based on proxy re-encryption. J. Ambient Intell. Human. Comput. 9(4), 1267–1273 (2018)
Liang, C., Chu, X., Tan, D.S., Wong, C.T., Zhou, J.: Chosen-ciphertext secure multi-hop identity-based conditional proxy re-encryption with constant-size ciphertexts. Theoret. Comput. Sci. (2014). https://doi.org/10.1016/j.tcs.2014.04.027
Maitra, S., Yelamarthi, K.: Rapidly deployable IoT architecture with data security: implementation and experimental evaluation. Sensors 19(11), 2484 (2019)
Miao, J., Ma, X., Liu, J., Weng, H.L., Li, H.: Lightweight fine-grained search over encrypted data in fog computing. IEEE Trans. Services Comput. 12(5), 772–785 (2019)
Mohd, B. J., & Hayajneh, T. (2018). Lightweight block ciphers for IoT: energy optimization and survivability techniques. IEEE Access, 6, 35966-35978.
Phong, L. Wang, Y. Aono, M. H. Nguyen, and X. Boyen, “Proxy re-encryption schemes with key privacy from lwe.” IACR Cryptology ePrint Archive, vol. 2016, p. 327, (2016).
Poomagal, C.T., Kumar, G.S.: ECC based lightweight secure message conveyance protocol for satellite communication in internet of vehicles (IoV). Wirel. Person. Commun. 113(2), 1359–1377 (2020)
Salim, T.N., Sakurai, K., “Realizing proxy re-encryption in the symmetric world,” in International Conference on Informatics Engineering and Information Science. Springer, (2011), pp. 259–274.
Shaikh. R., Sasikumar.M.: ``Identity management in cloud computing,'' Int. J. Comput. Appl., vol. 63, no. 11, (2013).
Shao, Wei G., Ling, Y., and Xie, M., “Identity-based conditional proxy re-encryption,” in 2011 IEEE International Conference on Communications (ICC). IEEE, (2011), pp. 1–5.
Shi, R.X., Fu, A.M.: Multi-element based on proxy re-encryption scheme for mobile cloud computing. J. Commun. 36(11), 73–79 (2015)
Sun, M., Ge, C., Fang, L., Wang, J.: A proxy broadcast re-encryption for cloud data sharing. Multim. Tools Appl. 77(9), 455–469 (2018)
Sun, C., Ge, L.F., Wang, J.: A proxy broadcast re-encryption for cloud data sharing. Multim. Tools Appl. 77(9), 10455–10469 (2018)
Weng, M., Chen, Y., Yang, R., Deng, K.C., Bao, F.: CCA secure unidirectional proxy re-encryption in the adaptive corruption model without random oracles. Sci. Chin. Inf. Sci. 53(3), 593–606 (2010)
Xu, P., Jiao, T., Wu, Q., Wang, W., Jin, H.: Conditional identity-based broadcast proxy re-encryption and its application to cloud email. IEEE Trans. Comput. 65(1), 66–79 (2016)
Yao, W., Zhang, Y., Qian, H., Han, J.: Flexible and fine-grained attribute-based data storage in cloud computing. IEEE Trans. Serv. Comput. 10(5), 785–796 (2017)
Yu, R., Chen, H., Li, Y.L., Tian, A.: Toward data security in edge intelligent IIoT. IEEE Netw. 33(5), 20–26 (2019)
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declared that there is no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Pachala, S., Rupa, C. & Sumalatha, L. \(l-\)PEES-IMP: lightweight proxy re-encryption-based identity management protocol for enhancing privacy over multi-cloud environment. Autom Softw Eng 29, 4 (2022). https://doi.org/10.1007/s10515-021-00299-6
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10515-021-00299-6