Abstract
The deployment of cloud services enables users to outsource their data to cloud servers and retrieve the target data efficiently. However, recent breakthrough results in quantum computing make the application of quantum computers in clouds realizable. Existing authentication schemes based on conventional hardness assumptions will be confronted with quantum attackers in the near future. A lattice-based authentication scheme resolves this tension. However, in existing lattice-based authentication schemes that employ identity-based signcryption (IBS), security against misbehaved private key generators (mPKG) is not well considered, which may cause privacy issues in some application scenarios, since the mPKG can generate the secret key for any given identity. This paper proposes an IBS-based authentication scheme for cloud storage, dubbed LAMA, that thwarts adversaries who have quantum computing power. We integrate the IBS scheme with lattice-based cryptography, yielding a variant of existing IBS-based authentication schemes that is post-quantum secure. We integrate an identity certifying authority (ICA) with the private key generator (PKG) to ensure security against mPKG. Our comprehensive security proof demonstrates that LAMA is indistinguishable against chosen plaintext attacks and secure against mPKG. We conduct a comprehensive performance evaluation of LAMA, which demonstrates its high efficiency in terms of computation and communication overhead and shows that it can be easily deployed on low-configuration user devices.
Acknowledgements
This work is supported by the National Natural Science Foundation of China under Grant 61872060, the National Key R&D Program of China under Grant 2017YFB802000, and the National Natural Science Foundation of China under Grant 61370203.
Cite this article
Hossain, M.J., Xu, C., Zhang, Y. et al. LAMA: A secure lattice-based authentication scheme for cloud storage against misbehaved private key generator. J Ambient Intell Human Comput 14, 8613–8629 (2023). https://doi.org/10.1007/s12652-021-03620-z
DOI: https://doi.org/10.1007/s12652-021-03620-z