Leakage - Resilient KASE for Group Data Sharing with Auxiliary Input via Cloud Storage

Abstract
Authors
Keywords
Conclusion
References

Nowadays cloud computing is very essential and important for secure storage of data due to its scalability. If the data owner wants to share his/her data with some authorized user and that user wants to access more than one document in such scenario, in existing system data owner sends separate key for each document to the user. To overcome drawback of this approach we designed a Key Aggregate Searchable Encryption (KASE) scheme in which data owner generates a single key for multiple number of documents and share the key with the user. Then the user uses that aggregate key to perform keyword searching over the group of any number of files through single trapdoor using aggregate key and decrypts the required documents. But still a number of side channel attacks are possible on that aggregate key to leak the master secret key. If the key gets leaked then the attacker will have access to all the documents. The system can be secured by reducing bit leakage so that an attacker cannot recover master secret key from aggregate key. In this paper, we propose a Leakage-Resilient KASE scheme in which numbers of leaked bits by the attacker are reduced. Evaluation results for the proposed system prove that our scheme is auxiliary input CPA secure based on the KASE scheme by reducing leakage by a ratio of 80% approximately.

Published In : IJCSN Journal Volume 6, Issue 3

Date of Publication : June 2017

Pages : 438-445

Figures :06

Tables : 01

Payal Bhagat : received Bachelor degree in Computer Science and Engineering from SIPNA College of Engineering, Amravati, Maharashtra, India, in 2015, and Currently doing Master of Engineering in Computer in Pune Institute of Computer Technology (P.I.C.T), Pune, Maharashtra, India.

Amar Buchade : is a Assistant Professor in Pune Institute of Computer Technology (P.I.C.T), Pune, Maharashtra, India.

Auxiliary Input, CPA Security Model, Key Aggregate, Leakage Resilient, Searchable Encryption.

Key Aggregate Searchable Encryption (KASE) is very useful for the group data sharing in cloud storage, but can be prone to key leakage. In our proposed system we concentrate on making the leakage resilient KASE system, since when KASE system is used in cloud applications, it is prone to leakage by side-channel attacks. We propose a leakage resilient KASE system with auxiliary input, which is secured such that the number of bits leaked by the attacker using an aggregate key is reduced. We ensure that the attacker cannot recover any knowledge about master secret key. Evaluation and testing results show that our proposed leakage-resilient KASE don't have any impact on functionality of the system and reduces leakage by a ratio of approximately 80%.

[1] Baojiang Cui, Zheli Liu, and Lingyu Wang, “Key- Aggregate Searchable Encryption (KASE) for Group Data Sharing via Cloud Storage”, IEEE Transaction on Computer, vol. 65, no 8, Aug 2016. [2] Zhiwei Wang and Lingyu Zhou, “Leakage-Resilient Key- Aggregate Cryptosystem with Auxiliary Input”, 25th International Conference on Computer Communication and Networks (ICCCN), 2016. [3] S. Yu, C. Wang, K. Ren, and W. Lou, “Achieving secure, scalable, and fine-grained data access control in cloud computing,” in Proc. IEEE Conf. Comput. Commun., 2010, pp. 534–542. [4] R. Lu, X. Lin, X. Liang, and X. Shen, “Secure provenance: The essential of bread and butter of data forensics in cloud computing,” in Proc. ACM Symp. Inf., Comput. Commun. Security, 2010, pp. 282–292. [5] X. Liu, Y. Zhang, B. Wang, and J. Yan, “Mona: Secure multi-owner data sharing for dynamic groups in the cloud,” IEEE Trans. Parallel Distrib. Syst., vol. 24, no. 6, pp. 1182–1191, Jun. 2013. [6] C. K. Chu, S. Chow, W. G. Tzeng, J. Y. Zhou, and R. Deng, “Key-aggregate cryptosystem for scalable data sharing in cloud storage,” IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 2, pp. 468–477, Feb. 2014. [7] R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, “Searchable symmetric encryption: Improved definitions and efficient constructions,” in Proc. 13th ACM Conf. Comput. Commun. Security, 2006, pp. 79–88. [8] C. Dong, G. Russello, and N. Dulay, “Shared and searchable encrypted data for untrusted servers,” J. Comput. Security, vol. 19, pp. 367–397, 2011. [9] F. Zhao, T. Nishide, and K. Sakurai, “Multi-user keyword search scheme for secure data sharing with fine-grained access control,” in Proc. Int. Conf. Inf. Security Cryptol., 2012, pp. 406–418. [10] J. W. Li, J. Li, X. F. Chen, C. F. Jia, and Z. L. Liu, “Efficient keyword search over encrypted data with fine-grained access control in hybrid cloud,” in Proc. 6th Int. Conf. Netw. Syst.Security, 2012, pp. 490–502. [11] J. Li and K. Kim, “Hidden attribute-based signatures without anonymity revocation,” Inf. Sci., vol. 180, no. 9, pp. 1681–1689, 2010. [12] X. F. Chen, J. Li, X. Y. Huang, J. W. Li, and Y. Xiang, “Secure outsourced attribute-based signatures,” IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 12, pp. 3285–3294, Dec. 2014. [13] J. Li, X. F. Chen, M. Q. Li, J. W. Li, P. Lee, and W. Lou, “Secure deduplication with efficient and reliable convergent key management,” IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 6, pp. 1615–1625, Jun. 2014. [14] Z. L. Liu, Z. Wang, X. C. Cheng, and , C. F. Jia, K. Yuan, “Multiuser searchable encryption with coarser-grained access control in hybrid cloud,” in Proc. 4th Int. Conf. Emerging Intell. Data Web Technol., 2013, pp. 249–255. [15] R. A. Popa and N. Zeldovich, “Multi-key searchable encryption,” Cryptol. ePrint Archive, Rep. 2013/508, 2013. [16] Mingwu Zhang, Wei Shi, Chunzhi Wang, Zhenhua Chen, Yi Mu: Leakage-Resilient Attribute-Based Encryption with Fast Decryption: Models, Analysis and Constructions. ISPEC 2013, volume 7863 of LNCS, pages 75-90, 2013 [17] Akavia A, Goldwasser S and Vaikuntanathan V. Simultaneous hardcore bits and cryptography against memory attacks”. TCC’ 09, LNCS 5444, pp. 474-495, Berlin: Springer-Verlag, 2009. [18] J. Alwen, Y. Dodis, M. Naor, G. Segev, S. Wallsh, and D. Wichs. Public-key encryption in the bounded-retrieval model. In EUROCRYPT, pages 113-134, 2010. [19] J. Alwen, Y. Dodis, and D. Wichs. Leakage-resilient public-key cryptography in the bounded-retrieval model. In CRYPTO, pages 36-54, 2009. [20] D. Di Crescenzo, R. J. Lipton, and S. Wallsh. Perfectly secure password protocols in the bounded retrieval model. In TCC, pages 225-244, 2006. [21] Y. Dodis, K. Haralambiev, A. Lopez-Alt, and D. Wichs. Cryptography against continuous memory attacks. In FOCS, pages 511-520, 2010. [22] A. Lewko, Y. Rouselakis, B. Waters. Achieving Leakage Resilience through Dual System Encryption. TCC 2011, LNCS 6597, pages: 70-88, 2011. [23] Dodis, Y., Goldwasser, S., Kalai, Y.T., Peikert, C., Vaikuntanathan, V.: Public Key Encryption Schemes with Auxiliary Inputs. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 361C381. Springer, Heidelberg (2010). [24] Tsz Hon Yuen, Sherman S. M. Chow, Ye Zhang, Siu-Ming Y-iu: Identity-Based Encryption Resilient to Continual Auxiliary Leakage. EUROCRYPT 2012: 117-134. [25] Tsz Hon Yuen,Ye Zhang, Siu-ming Yiu, Joseph K. Liu: Identity- Based Encryption with Post-Challenge Auxiliary Inputs for Secure Cloud Applications and Sensor Networks, ESORICS 2014, Part I, LNCS 8712, pp. 130-147, 2014. [26] Zhiwei Wang, Siu Ming Yiu: Attribute-Based Encryption Relient to Auxiliary Input, ProvSec 2015, LNCS 9451, pp. 371-390, 2015.