VOLUME: 07, Special Issue 08, Paper id-IJIERM-VII-VIII, December 2020 69
TWO MECHANISM BASED DATA SECURITY PROTECTION FOR CLOUD STORAGESYSTEM: A REVIEW Jayant Singh
M.Tech (Computer Science & Engineering), RKDF College of Engineering, Bhopal Sanjay Kumar Brahman
Dept. of Computer Science, RKDF College of Engineering, Bhopal 1 INTRODUCTION
Despite its advantages, outsourcing data storage also increases the attack surface area at the same time. For example, when data is distributed, the more locations it is stored the higher risk it contains for unauthorized physical access to the data.
By sharing storage and networks with many other users it is also possible for other unauthorized users to access your data. This may be due to mistaken actions, faulty equipment, or sometimes because of criminal intent. A promising solution to offset the risk is to deploy encryption technology. Encryption can protect data as it is being transmitted to and from the cloud service. It can further protect data that is stored at the service provider. Even there is an unauthorized adversary who has gained access to the cloud, as the data has been encrypted, the adversary cannot get any information about the plaintext. Asymmetric encryption allows the encrypt or to use only the public information (e.g., public key or identity of the receiver) to generate a cipher text while the receiver uses his/her own secret key to decrypt.[5] This is the most convenient mode of encryption for data transition, due to the elimination of key management existed in symmetric encryption. Enhanced security protection, In a normal asymmetric encryption, there is a single secret key corresponding to a public key or an identity. The decryption of cipher text only requires this key. The key is usually stored inside either a personal computer or a trusted server, and may be protected by a password. The security protection is sufficient if the computer/server is isolated from an opening network. Unfortunately, this is not what happens in the real life. When being connected with the world through the Internet, the computer/server may suffer from a potential risk that hackers may intrude into it to compromise the secret key without letting the key owner know. In the physical security aspect, the
computer storing a user decryption key may be used by another user when the original computer user (i.e. the key owner) is away (e.g., when the user goes to toilet for a while without locking the machine).
1.1 Objective of the Project
In this paper, we propose a two-factor data security protection mechanism with factor revocability for cloud storage system .Our system allows a sender to send an encrypted message to a receiver through a cloud storage server. The sender only needs to know the identity of the receiver but no other information (such as its public key or its certificate).
The receiver needs to possess two things in order to decrypt the cipher text. The first thing is his/her secret key stored in the computer. The second thing is a unique personal security device which connects to the computer. It is impossible to decrypt the cipher text without either piece. More importantly, once the security device is stolen or lost, this device is revoked. It cannot be used to decrypt any cipher text. This can be done by the cloud server which will immediately execute some algorithms to change the existing cipher text to be un-decrypt able by this device. This process is completely transparent to the sender. Furthermore, the cloud server cannot decrypt any cipher text a t any time. The security and efficiency analysis show that our system is not only secure but also practical.
1.2 Problem Formulation
Suppose we put part of the secret key into the security device. Unfortunately the device is stolen. The user needs to obtain a replacement device so that he can continue to decrypt his corresponding secret key. The trivial way is to copy the same bits (as in the stolen device) to the new device by the private key generator (PKG). This approach can be easily achieved. Nevertheless, there exists
VOLUME: 07, Special Issue 08, Paper id-IJIERM-VII-VIII, December 2020 70
security risk. If the adversary (who hasstolen the security device) can also break into the computer where the other part of secret key is stored, then it can decrypt all cipher text corresponding to the victim user. The most secure way is to cease the validity of the stolen security device.
2. LITERATURE SURVEY
2.1 Public Key Replacement and Universal Forgery of SCLS Scheme [11]
Mingwu Zhang (2013)‖ Certificate less cryptography eliminates the need of certificates in the PKI and solves the inherent key escrow problem in the ID- based cryptography. Recently, Du and Wen proposed a short certificate less signature scheme (SCLS) without Map To Point hash function, and the signature size is short enough with only half of the DSA signature. In this paper, after the detailing the formal of certificate less signature scheme, we show that the Du- Wen’s short certificate less signature scheme is insecure that is broken by a type-I adversary who has the ability in replacing users’ public keys and accessing to the signing oracles, and also cannot resist on the universal forgery attack for any third user.
Short certificate less signature is a useful cryptographic tool in the systems or devices with low bandwidth channel and/or low computation power, where it can prevent the malicious behaviour from malicious-but-passive KGC. Recently, Du and Wen proposed an efficient CLS scheme with shorter signature size and higher computation efficiency without Map to Point map function. In this paper we showed that the Du-Wen’s CLS scheme is universally forgeable for any third party and cannot resist on the type-I adversary under replacing public keys attacks. This result shows that it is possible insecure if it combines a standard deterministic signature scheme into a certificate less ones.
2.1.1 Longitude: a Privacy-preserving Location Sharing Protocol for Mobile Applications [12]
Changyu Dong, Naranker Dulay (2011) Location sharing services are becoming increasingly popular. Although many location sharing services allow users to set up privacy policies to control that can
access their location, the use made by service providers remains a source of concern. Ideally, location sharing providers and middleware should not be able to access users’ location data without their consent. In this paper, we propose a new location sharing protocol called Longitude that eases privacy concerns by making it possible to share a user’s location data blindly and allowing the user to control who can access her location, when and to what degree of precision. The underlying cryptographic algorithms are designed for GPS-enabled mobile phones. We describe and evaluate our implementation for the Nexus One Android mobile phone.
In this paper, we presented a new privacy preserving location sharing protocol called Longitude. The most significant features of Longitude are that the location sharing provider only processes encrypted locations that it unable to decrypt, supports different granularities of locations for different receivers, and low key management, computation and communication overheads. In addition, Longitude’s proxy re-encryption scheme is provably secure and the cryptographic functions optimized for mobile platforms. A prototype was implemented in Java on the Nexus One Android mobile phone and the CPU-time and energy consumption were evaluated.
One type of privacy policy which has proven to be useful in location sharing services are selective location-based policies.
2.1.2 Identity-based Encryption with Efficient Revocation [6]
A. Boldyreva, (2008) Identity-based encryption (IBE) is an exciting alternative to public-key encryption, as IBE eliminates the need for a Public Key Infrastructure (PKI). Any setting, PKI- or identity-based, must provide a means to revoke users from the system. Efficient revocation is a well-studied problem in the traditional PKI setting. However in the setting of IBE, there has been little work on studying the revocation mechanisms.
The most practical solution requires the senders to also use time periods when encrypting, and all the receivers (regardless of whether their keys have been compromised or not) to update their
VOLUME: 07, Special Issue 08, Paper id-IJIERM-VII-VIII, December 2020 71
private keys regularly by contacting thetrusted authority. We note that this solution does not scale well – as the number of users increases, the work on key updates becomes a bottleneck. We propose an IBE scheme that significantly improves key-update efficiency on the side of the trusted party (from linear to logarithmic in the number of users), while staying efficient for the users. Our scheme builds on the ideas of the Fuzzy IBE primitive and binary tree data structure, and is provably secure.
We proposed an IBE scheme with efficient revocation, whose complexity of key updates is significantly reduced (from linear to logarithmic in the number of users) compared to the previous solution.
We discussed several variants achieving different levels of security. We also discussed how to construct an attribute- based encryption scheme with efficient revocation. Our schemes should be particularly useful in the settings where a large number of users is involved and scalability is an issue.
2.1.3 Laminar: Practical Fine-Grained Decentralized Information Flow Control [13]
Indrajit Roy (2009) Decentralized information flow control (DIFC) is a promising model for writing programs with powerful, end-to-end security guarantees. Current DIFC systems that run on commodity hardware can be broadly categorized into two types:
language-level and operating system-level DIFC. Language level solutions provide no guarantees against security violations on system resources, like files and sockets.
Operating system solutions can mediate accesses to system resources, but are inefficient at monitoring the flow of information through fine-grained program data structures. This paper describes Laminar, the first system to implement decentralized information flow control using a single set of abstractions for OS resources and heap-allocated objects.
Programmers express security policies by labeling data with secrecy and integrity labels, and then access the labeled data in lexically scoped security regions.
Laminar enforces the security policies specified by the labels at runtime.
Laminar is implemented using a modified
Java virtual machine and a new Linux security module. This paper shows that security regions ease incremental deployment and limit dynamic security checks, allowing us to retrofit DIFC policies on four application case studies.
Replacing the applications’ ad-hoc security policies changes less than 10% of the code, and incurs performance overheads from 1% to 56%. Whereas prior DIFC systems only support limited types of multithreaded programs, Laminar supports a more general class of multithreaded DIFC programs that can access heterogeneously labelled data.
Laminar is the first DIFC system to unify PL and OS mechanisms for information flow control. It provides a natural programming model to retrofit powerful and auditable security policies onto existing, complex, multithreaded programs.
2.1.4 Unidirectional Chosen-Cipher text Secure Proxy Re-Encryption [14]
Benoˆıt Libert (2009)
In 1998, Blaze, Bleumer, and Strauss proposed a cryptographic primitive called proxy re-encryption, in which a proxy transforms – without seeing the corresponding plaintext – a cipher text computed under Alice’s public key into one that can be opened using Bob’s secret key. Recently, an appropriate definition of chosen-cipher text security and a construction fitting this model were put forth by Canetti and Hohenberger. Their system is bidirectional: the information released to divert cipher texts from Alice to Bob can also be used to translate cipher texts in the opposite direction. In this paper, we present the first construction of unidirectional proxy re- encryption scheme with chosen cipher text security in the standard model (i.e.
without relying on the random oracle idealization), which solves a problem left open at CCS’07. Our construction is efficient and requires a reasonable complexity assumption in bilinear map groups. Like the Canetti-Hohenberger scheme, it ensures security according to a relaxed definition of chosen-cipher text introduced by Canetti, Krawczyk and Nielsen.
We presented the first unidirectional proxy re-encryption scheme
VOLUME: 07, Special Issue 08, Paper id-IJIERM-VII-VIII, December 2020 72
with chosen cipher text security in thestandard model (i.e. without using the random oracle heuristic). Our construction is efficient and demands a reasonable intractability assumption in bilinear groups. In addition, we applied the same ideas to construct a chosen- cipher text secure PRE scheme with temporary delegation.
2.1.5 Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage [30]
Mrs. Savita Kacheshwar
Dabhade (2015) Data sharing is an important functionality in cloud storage.
In this article, we show how to securely, efficiently, and flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size cipher texts such that efficient delegation of decryption rights for any set of cipher texts are possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other words, the secret key holder can release a constant-size aggregate key for flexible choices of cipher text set in cloud storage, but the other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also describe other application of our schemes. In particular, our schemes give the first public-key patient- controlled encryption for flexible hierarchy, which was yet to be known.
How to protect users’ data privacy is a central question of cloud storage.
With more mathematical tools, cryptographic schemes are getting more versatile and often involve multiple keys for a single application. In this article, we consider how to ―compress‖ secret keys in public-key cryptosystems which support delegation of secret keys for different cipher text classes in cloud storage. No matter which one among the power set of classes, the delegate can always get an aggregate key of constant size. Our approach is more flexible than hierarchical key assignment which can
only save spaces if all key-holders share a similar set of privileges.
2.1.6 Parallel Key-Insulated Public Key Encryption without Random Oracles [17]
Benoît Libert (2007) Key -insulated cryptography is a crucial technique for protecting private keys. To strengthen the security of key-insulated protocols, Hanaoka, Hanaoka and Imai recently introduced the idea of parallel key- insulated encryption (PKIE) where distinct physically-secure devices (called helpers) are independently used in key updates.
Their motivation was to reduce the risk of exposure for helpers by decreasing the frequency of their connections to insecure environments. Hanaoka et al. showed that it was non-trivial to achieve a PKIE scheme fitting their model and proposed a construction based on the Boneh- Franklin identity-based encryption (IBE) scheme. The security of their system was only analyzed in the idealized random oracle model. In this paper, we provide a fairly efficient scheme which is secure in the standard model (i.e. without random oracles). To do so, we first show the existence of a relation between PKIE and the notion of aggregate signatures (AS) suggested by Boneh et al. We then describe our random oracle-free construction using bilinear maps. Thus, our contributions are both on the concrete side, namely the first realization of parallel key-insulated encryption without the random oracle idealization, and on the conceptual side revealing the relationships between two seemingly unrelated primitives.
We pinpointed connections between the concept of parallel key- insulated encryption and certain identity- based cryptosystems using signatures supporting aggregation. This observation allowed for the design of a secure system in the standard model.
2.2 General Certificate Less Encryption and Timed-Release Encryption
While recent timed-release encryption (TRE) schemes are implicitly supported by a certificate less encryption (CLE) mechanism, the security models of CLE and TRE differ and there is no generic transformation from a CLE to a TRE. This
VOLUME: 07, Special Issue 08, Paper id-IJIERM-VII-VIII, December 2020 73
paper gives a generalized model for CLEthat fulfils the requirements of TRE. This model is secure against adversaries with adaptive trapdoor extraction capabilities for arbitrary identifiers, decryption capabilities for arbitrary public keys, and partial decryption capabilities. It also supports hierarchical identifiers. We propose a concrete scheme under our generalized model and prove it secure without random oracles, yielding the first strongly-secure SMCLE and the first TRE in the standard model. In addition, our technique of partial decryption is different from the previous approach.
Cryptographers seek and try to achieve the strongest possible security definition. Previous models of certificate less encryption (CLE) were too restrictive:
they could not give the desired security properties when instantiated as timed- release encryption (TRE). Our generalized CLE model supports the requirements of TRE.
3 CONCLUSION
In this paper, we introduced a novel two- factor data security protection mechanism for cloud storage system, in which a data sender is allowed to encrypt the data with knowledge of the identity of a receiver only, while the receiver is required to use both his/her secret key and a security device to gain access to the data. Our solution not only enhances the confidentiality of the data, but also offers the revocability of the device so that once the device is revoked; the corresponding cipher text will be updated automatically by the cloud server without any notice of the data owner. Furthermore, we presented the security proof and efficiency analysis for our system.
REFERENCES
1. Akavia, S. Goldwasser, and V. Vaikuntanathan,
―Simultaneous hardcore bits and cryptography against memory attacks,‖ in Proc. 6th Theory Cryptography Conf., 2009, pp. 474–495.
2. S. S. Al-Riyami and K. G. Paterson, ―Certificate less public key cryptography,‖ in Proc. 9th Int.
Conf. Theory Appl. Cryptol., 2003, pp. 452–473.
3. M. H. Au, J. K. Liu, W. Susilo, and T. H. Yuen,
―Certificate based (linkable) ring signature,‖ in Proc. Inf. Security Practice Experience Conf., 2007, pp. 79–92.
4. M. H. Au, Y. Mu, J. Chen, D. S. Wong, J. K. Liu, and G. Yang, ―Malicious KGC attacks in certificate less cryptography,‖ in Proc. 2nd ACM
Symp. Inf., Comput. Commun. Security, 2007, pp. 302–311.
5. M. Blaze, G. Bleumer, and M. Strauss,
―Divertible protocols and atomic proxy cryptography,‖ in Proc. Int. Conf. Theory Appl.
Cryptographic Techn., 1998, pp. 127–144.
6. Boldyreva, V. Goyal, and V. Kumar, ―Identity- based encryption with efficient revocation,‖ in Proc. ACM Conf. Comput. Commun. Security, 2008, pp. 417–426.
7. D. Boneh, X. Ding, and G. Tsudik, ―Fine- grained control of security capabilities,‖ ACM Trans. Internet Techn., vol. 4, no. 1, pp. 60– 82, 2004.
8. D. Boneh and M. Franklin, ―Identity-based encryption from the Weil pairing,‖ in Proc. 21st Annu. Int. Cryptol. Conf., 2001, pp. 213–229.
9. R. Canetti and S. Hohenberger, ―Chosen-cipher text secures proxy re-encryption,‖ in Proc. ACM Conf. Comput. Commun. Security, 2007, pp.
185–194.
10. H. C. H. Chen, Y. Hu, P. P. C. Lee, and Y. Tang,
―NC Cloud: A network-coding-based storage system in a cloud-of-clouds,‖ IEEE Trans.
Comput., vol. 63, no. 1, pp. 31–44, Jan. 2014.
11. Mingwu Zhang, Jintao Yao, Chunzhi Wang, And Tsuyoshi Takagi‖ Public Key Replacement And Universal Forgery Of SCLS Scheme, International Journal Of Network Security, Vol.15, No.1, PP.115-120, Jan. 2013
12. Changyu Dong, Naranker Dulay Longitude: A Privacy-Preserving Location Sharing Protocol For Mobile Applications, Trust Management V, 5th IFIP WG 11.11 International Conference, IFIPTM 2011, Copenhagen, Denmark, June 29- July 1, 2011, Proceedings
13. Indrajit Roy, Donald E. Porter, Michael D. Bond, Kathryn S. Mckinle, Y Emmett Witch el
―Laminar: Practical Fine-Grained Decentralized Information Flow Control, ―ACM 2009‖
14. Benoˆıt Libert And Damien Vergnaud
―Unidirectional Chosen-Cipher text Secure Proxy Re-Encryption ―(2009)’’
15. Nubila Jaleel, Chinju K ―Mediated Certificate less Cryptosystem For The Security Of Data In Public Cloud‖ IJRET: International Journal Of Research In Engineering And Technology Eissn:
2319-1163 | Pissn: 2321-7308, Volume: 04 Issue: 09| September-2015
16. Mrs. Savita Kacheshwar Dabhade, Prof. M. K.
Kshirsagar ―Data Security In Cloud Using Aggregate Key And Diffie Hellman Algorithm‖
IJCSMC, Vol. 4, Issue. 4, April 2015, Pg. 906 – 923 RESEARCH ARTICL, ISSN 2320–088X 17. Benoît Libert, Jean-Jacques Quisquater Parallel
Key-Insulated Public Key Encryption Without Random Oracles,PKC'07 Proceedings Of The 10th International Conference On Practice And Theory In Public-Key Cryptography Pages 298- 314 Beijing, China — April 16 - 20, 207
18. Cong Wang, Ning Cao ―Towards Secure And Dependable Storage services In Cloud Computing‖, IEEE 2009
19. Akavia, S. Goldwasser, and V. Vaikuntanathan.
Simultaneous hardcore bits and cryptography against memory attacks. In TCC, volume 5444 of Lecture Notes in Computer Science, pages 474–495.Springer, 2009.
20. S. S. Al-Riyami and K. G. Paterson. Certificate less public key cryptography. In ASIACRYPT, volume 2894 of Lecture Notes in Computer Science, pages 452–473. Springer, 2003.
VOLUME: 07, Special Issue 08, Paper id-IJIERM-VII-VIII, December 2020 74
21. M. H. Au, J. K. Liu, W. Susilo, and T. H. Yuen.
Certificate based (linkable) ring signature. In ISPEC, volume 4464 of Lecture Notes in Computer Science, pages 79–92. Springer, 2007.
22. M. H. Au, Y. Mu, J. Chen, D. S. Wong, J. K. Liu, and G. Yang. Malicious kg attacks in certificate less cryptography. In ASIACCS, pages 302–311.
ACM, 2007.
23. M. Blaze, G. Bleumer, and M. Strauss.
Divertible protocols and atomic proxy cryptography. In K. Nyberg, editor, EUROCRYPT, volume 1403 of LNCS, pages 127–
144. Springer, 1998.
24. Boldyreva, V. Goyal, and V. Kumar. Identity- based encryption with efficient revocation. In P.
Ning, P. F. Syverson, and S. Jha, editors, ACM Conference on Computer and Communications Security, pages 417–426. ACM, 2008.
25. D. Boneh, X. Ding, and G. Tsudik. Fine-grained control of security capabilities. ACM Trans.
Internet Techn., 4(1):60–82, 2004.
26. D. Boneh and M. Franklin. Identity-based encryption from the weil pairing. In CRYPTO
’01, volume 2139 of LNCS, pages 213–229.
Springer, 2001.
27. R. Canetti and S. Hohenberger. Chosen-cipher text secure proxy re-encryption. In P. Ning, S.
D. C. di Vimercati, and P. F. Syverson, editors, ACM Conference on Computer and Communications Security, pages 185–194.
ACM, 2007.
28. H. C. H. Chen, Y. Hu, P. P. C. Lee, and Y. Tang.
Nccloud: A network-coding-based storage system in a cloud-of-clouds. IEEE Trans.
Computers, 63(1):31–44, 2014.
29. S. S. M. Chow, C. Boyd, and J. M. G. Nieto.
Security-mediated certificate less cryptography.
In Public Key Cryptography, volume3958 of Lecture Notes in Computer Science, pages 508–
524. Springer, 2006.
30. C.-K. Chu, S. S. M. Chow, W.-G. Tzeng, J.
Zhou, and R. H. Deng. Key-aggregate cryptosystem for scalable data sharing in cloud storage. IEEE Trans. Parallel Distrib. Syst., 25(2):468–477, 2014.
31. C.-K. Chu and W.-G. Tzeng. Identity-based proxy re-encryption without random oracles. In J. A. Garay, A. K. Lenstra, M. Mambo, and R.
Peralta, editors, ISC, volume 4779 of LNCS, pages 189–202. Springer, 2007.
32. R. Cramer and V. Shoup. Design and analysis of practical public key encryption schemes secure against adaptive chosen cipher text attack. SIAM J. Comput., 33(1):167–226, January 2004.
33. Y. Dodis, Y. T. Kalai, and S. Lovett. On cryptography with auxiliary input. In STOC, pages 621–630. ACM, 2009.
34. Y. Dodis, J. Katz, S. Xu, and M. Yung. Key- insulated public key crypto systems. In EUROCRYPT, volume 2332 of Lecture Notes in Computer Science, pages 65–82. Springer, 2002.
35. Y. Dodis, J. Katz, S. Xu, and M. Yung. Strong key-insulated signature schemes. In Public Key Cryptography, volume 2567 of Lecture Notes in Computer Science, pages 130–144. Springer, 2003.
36. L. Ferretti, M. Colajanni, and M. Marchetti.
Distributed, concurrent, and independent access to encrypted cloud databases. IEEE
Trans. Parallel Distrib. Syst., 25(2):437–446, 2014.
37. Gentry. Certificate-based encryption and the certificate revocation problem. In EUROCRYPT, volume 2656 of Lecture Notes in Computer Science, pages 272–293. Springer, 2003.
38. M. Green and G. Ateniese. Identity-based proxy re-encryption. In ACNS ’07, volume 4512 of LNCS, pages 288–306.Springer, 2007.
39. H. Guo, Z. Zhang, J. Zhang, and C. Chen.
Towards a secure certificate less proxy re- encryption scheme. In W. Susilo and R.
Reyhanitabar, editors, Prov Sec, volume 8209 of Lecture Notes in Computer Science, pages 330–
346. Springer, 2013.
40. G. Hanaoka, Y. Hanaoka, and H. Imai. Parallel key-insulated public key encryption. In Public Key Cryptography, volume 3958 of Lecture Notes in Computer Science, pages 105–122.
Springer, 2006.
41. Y. H. Hwang, J. K. Liu, and S. S. M. Chow.
Certificate less public key encryption secure against malicious kgc attacks in the standard model. J. UCS, 14(3):463–480, 2008.
42. K. Liang, Z. Liu, X. Tan, D. S. Wong, and C.
Tang. A cca-secure identity-based conditional proxy re-encryption without random oracles. In T. Kwon, M.-K. Lee, and D. Kwon, editors, ICISC, volume 7839 of LNCS, pages 231–246.
Springer, 2012.
43. Libert, J. -J. Quisquater, and M. Yung. Parallel key-insulated public key encryption without random oracles. In Public Key Cryptography, volume 4450 of Lecture Notes in Computer Science, pages 298–314. Springer, 2007.
44. B. Libert and D. Vergnaud. Adaptive-id secure revocable identity based encryption. In M.
Fischlin, editor, CT-RSA, volume 5473 of Lecture Notes in Computer Science, pages 1–15.
Springer, 2009.
45. B. Libert and D. Vergnaud. Unidirectional chosen-cipher text secure proxy re-encryption.
IEEE Transactions on Information Theory, 57(3):1786–1802, 2011.
46. J. K. Liu, M. H. Au, and W. Susilo. Self- generated-certificate public key cryptography and certificate less signature/encryption scheme in the standard model: extended abstract. In ASIACCS, pages 273–283. ACM, 2007.
47. J. K. Liu, J. Baek, W. Susilo, and J. Zhou.
Certificate-based signature schemes without pairings or random oracles. In ISC, volume 5222 of Lecture Notes in Computer Science, pages 285–297.Springer, 2008.
48. J. K. Liu, J. Baek, and J. Zhou. Certificate- based sequential aggregate signature. In WISEC, pages 21–28. ACM, 2009.
49. J. K. Liu, F. Bao, and J. Zhou. Short and efficient certificate-based signature. In Networking Workshops, volume 6827 of Lecture Notes in Computer Science, pages 167–178.
Springer, 2011.
50. J. K. Liu and D. S. Wong. Solutions to key exposure problem inring signature. I. J.
Network Security, 6(2):170–180, 2008.
51. J. K. Liu and J. Zhou. Efficient certificate-based encryption in the standard model. In SCN, volume 5229 of Lecture Notes in Computer Science, pages 144–155. Springer, 2008.
52. S. Luo, Q. Shen, and Z. Chen. Fully secure unidirectional identity based proxy re-
VOLUME: 07, Special Issue 08, Paper id-IJIERM-VII-VIII, December 2020 75
encryption. In H. Kim, editor, ICISC, volume 7259of LNCS, pages 109–126. Springer, Heidelberg, 2011.
53. M. Mambo and E. Okamoto. Proxy cryptosystems: Delegation of the power to decrypt cipher texts. IEICE Transactions, E80- A(1):54–63, 1997.
54. T. Matsuo. Proxy re-encryption systems for identity-based encryption. In Pairing ’07, volume 4575 of LNCS, pages 247–267.Springer, 2007.
55. M. Naor and G. Segev. Public-key cryptosystems resilient to key leakage. In CRYPTO, volume 5677 of Lecture Notes in Computer Science, pages 18–35. Springer, 2009.
56. A Sahai, H. Seyalioglu, and B. Waters. Dynamic credentials and cipher text delegation for attribute-based encryption. In R. Safavi-Naini and R. Canetti, editors, CRYPTO, volume 7417 of Lecture Notes in Computer Science, pages 199–217.Springer, 2012.14
57. J. H. Seo and K. Emura. Efficient delegation of key generation and revocation functionalities in identity-based encryption. In E. Dawson, editor, CT-RSA, volume 7779 of Lecture Notes in Computer Science, pages 343–358. Springer, 2013.
58. J. Shao and Z. Cao. Multi-use unidirectional identity-based proxy re-encryption from hierarchical identity-based encryption.
Information Sciences, 206(0):83 – 95, 2012.
59. Q. Tang, P. H. Hartel, and W. Jonker. Inter- domain identity-based proxy re-encryption. In M. Yung, P. Liu, and D. Lin, editors, Inscrypt, volume 5487 of Lecture Notes in Computer Science, pages332–347.Springer, 2008.
60. V. Varadharajan and U. K. Tupakula. Security as a service model for cloud environment. IEEE Transactions on Network and Service Management, 11(1):60–75, 2014.
61. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W.
Lou. Privacy preserving public auditing for secure cloud storage. IEEE Trans. Computers, 62(2):362–375, 2013.
62. C. Wang, Q. Wang, K. Ren, N. Cao, and W. Lou.
Toward secure and dependable storage services in cloud computing. IEEE T. Services Computing, 5(2):220–232, 2012.
63. H. Wang. Proxy provable data possession in public clouds. IEEET. Services Computing, 6(4):551–559, 2013.
64. B. Waters. Efficient identity-based encryption without random oracles. In R. Cramer, editor, EUROCRYPT, volume 3494 of Lecture Notes in Computer Science, pages 114–127.Springer, 2005.
65. K. Yang, X. Jia, K. Ren, B. Zhang, and R. Xie.
Dac-macs: Effective data access control for multiauthority cloud storage systems. IEEE Transactions on Information Forensics and Security, 8(11):1790–1801,2013.
66. W.-S. Yap, S. S. M. Chow, S.-H. Heng, and B.- M. Goi. Security mediated certificate less signatures. In ACNS, volume 4521 of Lecture Notes in Computer Science, pages 459–477.
Springer, 2007.
67. Y. Zhu, G.-J.Ahn, H. Hu, S. S. Yau, H. G. An, and C. Hu. Dynamic audit services for outsourced storages in clouds. IEEE T. Services Computing, 6(2):227–238, 2013.
