Design and analysis of schemes for privacy preserving cloud storage services
Public cloud storage services have become the leading choice for individuals and organizations to store their data, as they provide availability and reliability together at a reduced cost. When data is stored on a public cloud storage server, preserving its security and privacy becomes a prime concern. Providing data security on public cloud storage requires preserving the confidentiality of the data and enforcing the data access policies. Data can be encrypted before it is uploaded to public cloud storage, ensuring that only authorized users with a valid decryption key can access it. Enforcing fine-grained access control policies on encrypted data prevents the unauthorized disclosure of sensitive data among multiple users. On the one hand, a fine-grained access control policy helps to achieve authorized access control on data; on the other hand, the access policy discloses the target recipient of the ciphertext. The receiver information for a ciphertext helps an adversary to gain information about the underlying data. Therefore, it is essential to hide the receiver information to preserve data security. Attribute Based Encryption (ABE) is a well-known cryptographic primitive that provides both confidentiality and fine-grained access control. In ABE, each data user is identified by a set of attribute values. Each data file has an access policy defined by its owner in terms of the attributes. A user can decrypt the document only if a threshold number of attributes match between the access policy and the user's attribute list. The customized version of ABE that hides the access policy within the ciphertext is known as Anonymous Attribute Based Encryption (AABE). We have worked on AABE, designing and analyzing schemes for achieving user anonymity when retrieving results from data stored in public cloud storage.
The other research challenges in preserving the security of public cloud data storage include searching over encrypted data, authentication of data, secure data sharing, etc. We have formulated five new AABE schemes which enhance data storage security in the public cloud. The common objective of all our proposed schemes is to maintain data confidentiality and preserve receiver anonymity. The first three proposed schemes facilitate searching over ABE data with a hidden access policy. The first scheme, "Data Owner based Searchable Encryption (DOSE)", provides searching using the data owner's identity. The scheme enables a cloud server to perform the search operation with a look-up approach and does not require any mathematical operations on the cloud server side. The other two schemes provide keyword based search over attribute based encrypted data with a hidden access policy. One of those schemes is "Receiver Anonymous Searchable Encryption (RASE)", which provides efficient keyword based searching over attribute based encrypted data with receiver anonymity. It enables a user to selectively retrieve a subset of data from the vast amount of encrypted data stored on the cloud. The search operation of the RASE scheme is efficient when compared with the existing schemes because, for any ABE scheme, the number of pairing operations has a high impact on the operational time complexity. Irrespective of the number of attributes, the search operation in RASE requires a limited and constant number of pairing operations. The RASE scheme is built using multi-linear pairing. RASE has been proven secure against chosen keyword attack. The RASE scheme is applicable in a scenario where the data owner has to include only one value per attribute in the access policy. The scheme does not allow the data owner to include multiple values per attribute in the access policy.
In our next scheme for searchable ABE, we have addressed this issue and proposed a "Privacy preserving Searchable Encryption (PSE)" scheme that enables the data owner to place multiple values of an attribute in the access policy. For the PSE scheme we have also customized the system model and made it secure against file injection attacks. The PSE scheme is also proven secure against chosen keyword attack. The searchable encryption schemes make it possible to retrieve a subset of an encrypted document collection. However, after retrieval the user should be able to decrypt the retrieved documents with minimum computation overhead and verify the authenticity of the data. With this motive, we have proposed the "Privacy preserving Attribute based Signcryption (PASC)" scheme. The PASC scheme achieves a cost-efficient decryption operation when compared with that of existing AABE schemes. In addition to cost-effective decryption, it also allows the verification of the data owner's attributes and unique identity. Unlike the existing attribute based signcryption (ABSC) schemes, the scheme supports data owner traceability with sender privacy. Sender privacy here means that only an authorized receiver is able to identify the data owner who has signed and uploaded the document. The PASC scheme supports data confidentiality, receiver anonymity, message authentication and fine-grained access control altogether. The scheme has been proven secure against adaptively chosen ciphertext attack. The cost-effective unsigncryption operation makes PASC a better choice for users who want to download the searched documents and decrypt them. However, there are certain real-life cases where a user, instead of downloading and decrypting the documents, wants to forward them to another user for the purpose of sharing the data.
To address this requirement of sharing the encrypted data, we have designed a scheme called "Proxy ReEncryption for Anonymous Attribute Based Encrypted data (PRE-AABE)". In a traditional proxy reencryption scheme, a semi-trusted proxy such as the cloud server converts data encrypted for Alice into data for Bob without learning the plaintext contents. Our proposed attribute based proxy reencryption scheme allows the alteration of the ciphertext access policy, which is hidden inside the ciphertext. The reencryption task in our scheme does not allow the cloud server to learn about the access policy or the plaintext contents concealed in the ciphertext. The scheme imposes minimal decryption overhead on the user side. The scheme also allows a delegator to place reencryption control on the ciphertext, so that further sharing of the data can be controlled. The scheme has been proven secure against chosen plaintext attack. We have evaluated the proposed schemes experimentally using the pbc cryptography library. The experimental setup on the end user side used an Intel i5 processor with 3 GB RAM, and the cloud side operations were run on Google Compute Engine. We have shown the performance analysis of all proposed schemes and compared the results with related schemes.
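The traditional proxy reencryption flow described above (a proxy converting Alice's ciphertext into Bob's without seeing the plaintext) can be seen in the classic ElGamal-based construction of Blaze, Bleumer and Strauss. The following is an added example, not code from the thesis and not the pairing-based PRE-AABE scheme; the group parameters are toy values constructed for illustration and all function names are assumptions.

```python
import secrets

# Toy parameters, constructed for illustration only (far too small for real use).
P = 2039   # safe prime, P = 2*Q + 1
Q = 1019   # prime order of the quadratic-residue subgroup mod P
G = 4      # generator of that subgroup

def keygen():
    sk = secrets.randbelow(Q - 1) + 1          # secret exponent in 1..Q-1
    return sk, pow(G, sk, P)

def encode(m):
    """Map an integer 1..Q to a subgroup element (P = 3 mod 4, so m or P-m is a QR)."""
    if not 1 <= m <= Q:
        raise ValueError("message out of range")
    return m if pow(m, Q, P) == 1 else P - m

def decode(x):
    return x if x <= Q else P - x

def encrypt(pk, m):
    """Owner side: c1 = m * g^r, c2 = pk^r = g^(sk*r)."""
    r = secrets.randbelow(Q - 1) + 1
    return (encode(m) * pow(G, r, P)) % P, pow(pk, r, P)

def rekey(sk_from, sk_to):
    """Re-encryption key handed to the proxy: sk_to / sk_from mod Q."""
    return (sk_to * pow(sk_from, -1, Q)) % Q

def reencrypt(rk, ct):
    """Proxy side: only c2 is transformed; the proxy never recovers g^r or m."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)

def decrypt(sk, ct):
    """Receiver side: strip sk from c2 to get g^r, then unmask c1."""
    c1, c2 = ct
    g_r = pow(c2, pow(sk, -1, Q), P)
    return decode((c1 * pow(g_r, -1, P)) % P)

if __name__ == "__main__":
    a, pk_a = keygen()                          # Alice (delegator)
    b, pk_b = keygen()                          # Bob (delegatee)
    ct = encrypt(pk_a, 777)                     # stored in the cloud for Alice
    ct_bob = reencrypt(rekey(a, b), ct)         # cloud server acting as proxy
    print(decrypt(a, ct), decrypt(b, ct_bob))   # both recover the message
```

This construction is bidirectional, and a proxy that colludes with Bob can compute Alice's secret key from the reencryption key. It also carries no access policy at all, so it shows only the basic conversion step that an attribute based scheme with delegator-controlled reencryption builds on.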
- PhD Theses