
Simultaneous authentication and secrecy in identity-based data upload to cloud

Cluster Computing

Abstract

Most existing work on securing the cloud is devoted to remote integrity checking, search, and computing on encrypted data. In this paper, we deal with simultaneous authentication and secrecy when data are uploaded to the cloud. Observing that the cloud is of most interest to companies in which multiple authorized employees are allowed to upload data, we propose a general framework for secure data upload in an identity-based setting. We present and employ identity-based signcryption (IBSC) to meet this goal. Since it has been shown to be challenging to construct an IBSC scheme in the standard model, and most IBSC schemes are realized in the random oracle model, which is regarded as weak in capturing realistic adversaries, we propose a new IBSC scheme that simultaneously performs encryption and signature at a cost lower than the signature-then-encryption approach. The identity-based feature eliminates the complicated certificate management of signcryption schemes in the traditional public-key infrastructure (PKI) setting. Our IBSC scheme exploits Boneh et al.’s strongly unforgeable signature and Paterson et al.’s identity-based signature. The scheme is shown to satisfy semantic security and strong unforgeability. Its security relies on the well-defined bilinear decision Diffie-Hellman (BDDH) assumption, and the proof is given in the standard model. With our IBSC proposal, a secure data upload scheme is instantiated with simultaneous authentication and secrecy in a multi-user setting.

References

  1. An, J.H., Dodis, Y., Rabin, T.: On the security of joint signature and encryption. In: Proceedings of EUROCRYPT’02, vol. 2332, pp. 83–107 (2002)

  2. Armknecht, F., Augot, D., Perret, L., Sadeghi, A.: On constructing homomorphic encryption schemes from coding theory. In: Proceedings of Cryptography and Coding—13th IMA International Conference, Oxford, UK, December 2011, pp. 23–40 (2011)

  3. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14(1), 12.1–12.34 (2011)

  4. Ateniese, G., Burns, R., Curtmola, R., Herring, J., Kissner, L., Peterson, Z., Song, D.: Provable data possession at untrusted stores. In: Proc. of ACM CCS’07, pp. 598–609 (2007)

  5. Baek, J., Steinfeld, R., Zheng, Y.: Formal proofs for the security of signcryption. In: Proc. of PKC’02, vol. 2274, pp. 80–98 (2002)

  6. Baek, J., Steinfeld, R., Zheng, Y.: Formal proofs for the security of signcryption. J. Cryptol. 20(2), 203–235 (2007)

  7. Barreto, P.S.L.M., Libert, B., McCullagh, N., Quisquater, J.J.: Efficient and provably-secure identity based signatures and signcryption from Bilinear maps. In: Proc. of ASIACRYPT’05, vol. 3788, pp. 515–532 (2005)

  8. Bellare, M., Shoup, S.: Two-tier signatures, strongly unforgeable signatures, and fiat-shamir without random oracles. In: Proc. of PKC’07, vol. 4450, pp. 201–216 (2007)

  9. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. In: Proc. of ASIACRYPT’01, vol. 2248, pp. 514–532 (2011)

  10. Boneh, D., Shen, E., Waters, B.: Strongly unforgeable signatures based on computational diffie-hellman. In: Proc. of PKC’06, vol. 3958, pp. 229–240 (2006)

  11. Boyen, X.: Multipurpose identity based signcryption: a swiss army knife for identity based cryptography. In: Proc. of CRYPTO’03, vol. 2792, pp. 383–399 (2003)

  12. Brakerski, Z., Vaikuntanathan, V.: Fully homomorphic encryption from ring-LWE and security for key dependent messages. In: Proc. of CRYPTO’11, vol. 6841, pp. 505–524 (2011)

  13. Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology. J. ACM 51(4), 557–594 (2004)

  14. Chatterjee, P., Sengupta, I., Ghosh, S.K.: STACRP: a secure trusted auction oriented clustering based routing protocol for MANET. Clust. Comput. 15, 303–320 (2012)

  15. Chen, L., Malone-Lee, J.: Improved identity-based signcryption. In: Proc. of PKC’05, vol. 3386, pp. 362–379 (2005)

  16. Chow, S.S.M., Yiu, S.M., Hui, L.C.K., Chow, K.P.: Efficient forward and provably secure ID-based signcryption scheme with public verifiability and public ciphertext authenticity. In: Proc. of ICISC’03, vol. 2971, pp. 352–369 (2004)

  17. Di Pietro, R., Blass, E.-O., Molva, R., Onen, M.: PRISM—privacy-preserving searches in MapReduce. In: Proc. of PET’02, vol. 7384, pp. 180–200 (2012)

  18. Fan, J., Zheng, Y., Tang, X.: Signcryption with non-interactive non-repudiation without random oracles. In: Transactions on Computational Science X, vol. 6340, pp. 202–230 (2010)

  19. Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proc. of STOC 2009, pp. 169–178 (2009)

  20. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proc. of ACM CCS’06, pp. 89–98 (2006)

  21. Huang, Q., Wong, D.S., Li, J., Zhao, Y.: Generic transformation from weakly to strongly unforgeable signatures. J. Comput. Sci. Technol. 23(2), 240–252 (2008)

  22. Itani, W., Kayssi, A., Chehab, A.: SNUAGE: An Efficient Platform-as-a-service Security Framework for the Cloud. Cluster Comput. Accessed: 1 December (2012). Retrieved from: http://link.springer.com/article/10.1007%2Fs10586-012-0223-x

  23. Jin, Z.P., Wen, Q.Y., Du, H.Z.: An improved semantically-secure identity-based signcryption scheme in the standard model. Comput. Electr. Eng. 36(3), 545–552 (2010)

  24. Kamara, S., Lauter, K.: Cryptographic cloud storage. In: Proc. of Financial Cryptography Workshops 2010. Lecture Notes in Computer Science, vol. 6054, pp. 136–149 (2010)

  25. Kim, I., Lee, D., Kim, K.J., Lee, J.: Flexible authorization in home network environments. Clust. Comput. 15, 3–15 (2012)

  26. Li, M., Yu, S., Cao, N., Lou, W.: Authorized private keyword search over encrypted data in cloud computing. In: Proc. of the 2011 31st International Conference on Distributed Computing Systems (ICDCS’11), pp. 383–392. IEEE Comput. Soc., Washington (2011)

  27. Libert, B., Quisquator, J.J.: A new identity based signcryption scheme from pairings. In: Proc. of IEEE Information Theory Workshop, Paris, France, pp. 155–158 (2003)

  28. Liu, Z.H., Hu, Y.P., Zhang, X.S., Ma, H.: Certificateless signcryption scheme in the standard model. Inf. Sci. 180(3), 452–464 (2010)

  29. Malone-Lee, J.: Identity Based Signcryption, Cryptology ePrint Archive. IACR Report 2002/098. Accessed: 1 December (2012). Retrieved from: http://eprint.iacr.org/2002/098.pdf

  30. Matsuda, T., Attrapadung, N., Hanaoka, G., Matsuura, K., Imai, H.: A CDH-based strongly unforgeable signature without collision resistant hash function. In: Proc. of International Conference on Provable Security. Lecture Notes in Computer Science, vol. 4784, pp. 68–84 (2007)

  31. Paterson, K.G., Schuldt, J.C.N.: Efficient identity-based signatures secure in the standard model. In: Proc. of ACISP’06. Lecture Notes in Computer Science, vol. 4058, pp. 207–222 (2006)

  32. Qin, B., Wang, H., Wu, Q., Liu, J., Domingo-Ferrer, J.: An identity based signcryption scheme in the standard model. In: Proc. of the 4-th International Conference on Intelligent Networking and Collaborative Systems—INCOS 2012, Bucharest, Romania, September 2012, pp. 606–611 (2012)

  33. Sadeghi, A.-R., Schneider, T., Winandy, M.: Token-based cloud computing. In: Proc. of TRUST’10, Berlin, Germany, June 2010, pp. 417–429 (2010)

  34. Wang, H.: Proxy Provable Data Possession in Public Clouds. IEEE Transactions on Services Computing. IEEE computer Society Digital Library, 07 December (2012). http://doi.ieeecomputersociety.org/10.1109/TSC.2012.35

  35. Wang, H., Zhang, Y.: On the Knowledge Soundness of a Cooperative Provable Data Possession Scheme in Multicloud Storage. IEEE Trans. Parallel Distrib. Syst. PP(99), 1. doi:10.1109/TPDS.2013.16

  36. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Proc. of Eurocrypt’05. Lecture Notes in Computer Science, vol. 3494, pp. 457–473 (2005)

  37. Security Guidance for Critical Areas of Focus in Cloud Computing. Accessed: 12 November (2012). Retrieve from: www.cloudsecurityalliance.org

  38. Steinfeld, R., Pieprzyk, J., Wang, H.X.: How to strengthen any weakly unforgeable signature into a strongly unforgeable signature. In: Proc. of CT-RSA’07. Lecture Notes in Computer Science, vol. 4377, pp. 357–371 (2007)

  39. Wang, L.L., Zhang, G.Y., Ma, C.G.: A secure ring signcryption scheme for private and anonymous communication. In: Proc. of IFIP International Conference on Network and Parallel Computing—NPC Workshops 2007, Dalian, China, September 2007, pp. 107–111 (2007)

  40. Wu, Q., Mu, Y., Susilo, W., Qin, B., Domingo-Ferrer, J.: Asymmetric group key agreement. In: Proc. of EUROCRYPT’09, vol. 5479, pp. 153–170 (2009)

  41. Wu, Q., Qin, B., Zhang, L., Domingo-Ferrer, J., Farràs, O.: Bridging broadcast encryption and group key agreement. In: Proc. of ASIACRYPT’11. Lecture Notes in Computer Science, vol. 7073, pp. 143–160 (2011)

  42. Yu, Y., Yang, B., Sun, Y., Zhu, S.L.: Identity based signcryption scheme without random oracles. Comput. Stand. Interfaces 31(1), 56–62 (2009)

  43. Zhang, M., Li, P., Yang, B., Wang, H., Takagi, T.: Towards confidentiality of ID-based signcryption schemes under without random oracle model. In: Proc. of PAISI’10. Lecture Notes in Computer Science, vol. 6122, pp. 98–104 (2010)

  44. Zhang, G., Parashar, M.: Cooperative detection and protection against network attacks using decentralized information sharing. Clust. Comput. 13, 67–86 (2010)

  45. Zhang, B., Xu, Q.L.: An ID-based anonymous signcryption scheme for multiple receivers secure in the standard model. In: Proc. of AST/UCMA/ISA/ACN 2010. Lecture Notes in Computer Science, vol. 6059, pp. 15–27 (2010)

  46. Zhang, M., Yang, B., Takagi, T., Shen, Y., Zhang, W.: Fuzzy biometric signcryption scheme with bilinear pairings in the standard model. In: Proc. of PAISI’10. Lecture Notes in Computer Science, vol. 6122, pp. 77–87 (2010)

  47. Zheng, Y.: Digital signcryption or how to achieve cost (Signature & Encryption) ≤ Cost (Signature) + Cost (Encryption). In: Proc. of CRYPTO’97. Lecture Notes in Computer Science, vol. 1294, pp. 165–179 (1997)


Acknowledgements

For the authors with the UNESCO Chair in Data Privacy, this paper does not necessarily reflect the position of UNESCO nor does it commit that organization.

Author information

Corresponding author

Correspondence to Huaqun Wang.

Additional information

This paper is partly supported by the European Commission under FP7 projects “DwB” and “Inter-Trust”, the Spanish Government through projects CTV-09-634, PTA2009-2738-E, TSI-020302-2010-153, TIN2009-11689, TIN2011-27076-C03-01, CONSOLIDER INGENIO 2010 “ARES” CSD2007-0004 and TSI2007-65406-C03-01, by the Catalonia Government through grant SGR2009-1135, and by the NSF of China through grants 60970116, 91018008, 61173154, 61003214, 61173192, 61272501 and 61272522, by MOST of China through National Key Basic Research Program under grant 2012CB315905, by Shaanxi Provincial Education Department through Scientific Research Program 2010JK727, by the NSF of Liaoning Province in China through project 20102042 and by the Program for Liaoning Excellent Talents in University through project LJQ2011078. The fifth author is partially supported as an ICREA-Acadèmia researcher by the Catalan Government.

About this article

Cite this article

Qin, B., Wang, H., Wu, Q. et al. Simultaneous authentication and secrecy in identity-based data upload to cloud. Cluster Comput 16, 845–859 (2013). https://doi.org/10.1007/s10586-013-0258-7
