This document summarizes a research paper on secured authorized deduplication in a hybrid cloud system. The system aims to provide data deduplication, differential authorization for access, and confidentiality of data files. It involves a public cloud for storage, a private cloud for managing access tokens, and users who generate keys for files stored on the public cloud. When uploading a file, the user encrypts it and sends it to the public cloud along with the key to the private cloud. To download, the user must provide the correct key to the private cloud to gain access to encrypted files from the public cloud. This hybrid cloud model uses deduplication for storage optimization while controlling access through differential authorization of private keys.
Improving Efficiency of Security in Multi-Cloud - IJTET Journal
Abstract: Due to the risk of service availability failure and the possibility of malicious insiders in a single cloud, a movement towards “multi-clouds” has emerged recently. In a general multi-cloud security system, there is a possibility for a third party to access the user files. Ensuring security at this stage has become tedious, since most of the activities are done over the network. In this paper, an enhanced security methodology has been introduced in order to make the data stored in the cloud more secure. The duple authentication process introduced in this concept defends against malicious insiders and shields the private data. Various disadvantages of traditional systems, such as unauthorized access and hacking, have been overcome in this proposed system, and a comparison made with the traditional systems in terms of performance and computational time has shown better results.
International Journal of Engineering and Science Invention (IJESI) - inventionjournals
International Journal of Engineering and Science Invention (IJESI) is an international journal intended for professionals and researchers in all fields of computer science and electronics. IJESI publishes research articles and reviews within the whole field Engineering Science and Technology, new teaching methods, assessment, validation and the impact of new technologies and it will continue to provide information on the latest trends and developments in this ever-expanding subject. The publications of papers are selected through double peer reviewed to ensure originality, relevance, and readability. The articles published in our journal can be accessed online
A Hybrid Cloud Approach for Secure Authorized Deduplication - 1crore projects
- The document proposes a new deduplication system that supports differential or authorized duplicate checking in a hybrid cloud architecture consisting of a public and private cloud. This allows users to securely check for duplicates of files based on their privileges.
- Convergent encryption is used to encrypt files for deduplication while maintaining confidentiality. A new construction is presented that additionally encrypts files with keys derived from user privileges to enforce access control during duplicate checking.
- The system aims to efficiently solve the problem of deduplication with access control in cloud computing. It allows duplicate checking of files marked with a user's corresponding privileges to realize access control while preserving benefits of deduplication.
Key-Aggregate Searchable Encryption (KASE) for Group Data Sharing via Cloud S... - 1crore projects
Audit free cloud storage via deniable attribute based encryption - Mano Sriram
1) Cloud storage services have become popular, but user privacy is a concern as data owners do not want unauthorized access. Existing encryption schemes assume cloud providers are trusted, but they could be forced to reveal secrets.
2) The document proposes a new encryption scheme called deniable Ciphertext Policy Attribute Based Encryption (CP-ABE) that allows cloud providers to create fake user secrets, protecting real secrets even if the provider is coerced.
3) By using deniable CP-ABE, cloud providers can convince coercers that obtained secrets are genuine while actually protecting user privacy, addressing a key limitation of prior encryption schemes.
1) The document proposes a system model for secure data sharing in cloud environments using cryptography.
2) It aims to provide data confidentiality, access control of shared data, remove the burden of key management and file encryption/decryption for users, and support dynamic changes to user membership without requiring the data owner to always be online.
3) The proposed system addresses common challenges with secure data sharing in cloud computing like data security, access control, key management, and user revocation and rejoining.
IRJET - Multiple Keyword Search over Encrypted Cloud Data - IRJET Journal
This document proposes a system for multi-keyword ranked search over encrypted cloud data. The system consists of four main components: data owners who upload encrypted data to the cloud server, data users who search for and access encrypted files, an administrator server that handles authentication and generates trapdoors for searches, and the cloud server that stores the encrypted data and indexes. When a data user performs a search, the administrator generates an encrypted trapdoor for the keywords to allow searching without revealing the plaintext to the cloud server. Search results are ranked based on factors like download frequency. The proposed system aims to provide secure, authenticated searches over outsourced encrypted data while preserving data privacy.
Key aggregate searchable encryption (kase) for group data sharing via cloud s... - Pvrtechnologies Nellore
This document describes a proposed cryptosystem for secure and efficient data sharing in cloud storage. It allows a user to encrypt files with different public keys but send a receiver a single constant-size decryption key that gives decryption rights to any set of ciphertexts. This allows flexible sharing of encrypted data while keeping decryption keys compact. The proposed system aims to address disadvantages of existing approaches like unexpected privilege escalation exposing all data or inefficient key sizes. It provides security based on number-theoretic assumptions without relying on servers for access control.
An efficient, secure deduplication data storing in cloud storage environment - eSAT Journals
This document proposes an efficient and secure method for deduplication of data stored in cloud environments. It describes encrypting data at the client side before uploading to the cloud using convergent encryption. A Merkle tree is used to generate a unique identifier for the encrypted data. Access to encrypted data files is controlled through authorization of decryption keys for authorized cloud users stored in a log file. This approach aims to provide privacy and prevent unauthorized access to outsourced data while allowing controlled sharing between cloud users.
Improving security for data migration in cloud computing using randomized enc... - IOSR Journals
1) The document proposes an encryption technique using randomization to improve security for data migration in cloud computing. It aims to address major security issues in cloud data migration like confidentiality, integrity, reliability and data security.
2) The proposed method uses a random key to encrypt data, and then encrypts the random key with a shared key before transmission. This adds an extra layer of security by obscuring the actual encryption key.
3) It is concluded that the randomized encryption technique makes it difficult for attackers to analyze encrypted texts and determine if they correspond to the same plaintext, improving security over existing methods for cloud data migration.
A Hybrid Cloud Approach for Secure Authorized Deduplication - SWAMI06
Data deduplication is one of the important data compression techniques for eliminating duplicate copies of repeating data, and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data deduplication. Different from traditional deduplication systems, the differential privileges of users are further considered in duplicate check besides the data itself. We also present several new deduplication constructions supporting authorized duplicate check in a hybrid cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed security model. As a proof of concept, we implement a prototype of our proposed authorized duplicate check scheme and conduct testbed experiments using our prototype. We show that our proposed authorized duplicate check scheme incurs minimal overhead compared to normal operations.
This document proposes and compares several privacy-preserving encrypted keyword search schemes for cloud storage. It introduces three main participants in such schemes: users, a key server, and a cloud service provider (CSP). It then describes three specific schemes - Public Key Encryption with Keyword Search (PEKS), Efficient and Privacy Preserving Keyword Search (EPPKS), and Secure and Privacy Preserving Keyword Search (SPKS). PEKS allows searching on encrypted keywords but requires the user to decrypt files. EPPKS offloads some computation to the CSP but is not resistant to statistical attacks. SPKS enables partial decryption by the CSP, reducing user computation costs while preserving privacy and flexibility. The document argues that SPKS provides the
Two Level Auditing Architecture to Maintain Consistent In Cloud - theijes
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
The papers for publication in The International Journal of Engineering & Science are selected through rigorous peer reviews to ensure originality, timeliness, relevance, and readability.
Theoretical work submitted to the Journal should be original in its motivation or modeling structure. Empirical analysis should be based on a theoretical framework and should be capable of replication. It is expected that all materials required for replication (including computer programs and data sets) should be available upon request to the authors.
The International Journal of Engineering & Science would take much care in making your article published without much delay with your kind cooperation.
This document proposes an efficient multi-keyword ranked search (EMRS) scheme over encrypted mobile cloud data through blind storage. The EMRS enables search users to perform multi-keyword searches over encrypted documents stored on a cloud server and receive ranked search results based on relevance. It utilizes techniques like relevance scoring, secure k-nearest neighbor computation, and blind storage to provide search functionality while preserving security and privacy. The scheme is analyzed to demonstrate that it achieves confidentiality of documents and index, trapdoor privacy, trapdoor unlinkability, and conceals access patterns, addressing key security requirements. Experimental results show the EMRS provides improved efficiency and functionality compared to existing proposals.
The document proposes a secure client-side deduplication scheme called KeyD that uses identity-based broadcast encryption instead of independent key management to effectively manage convergent keys for deduplication. KeyD ensures data confidentiality and convergent key security while providing ownership privacy. Experimental results show that KeyD achieves better tradeoffs between storage costs, communication overhead, and computation overhead compared to traditional deduplication schemes.
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo... - Editor IJCATR
Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts such that efficient delegation of decryption rights for any set of ciphertexts is possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set in cloud storage, but the other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also describe other applications of our schemes. In particular, our schemes give the first public-key patient controlled encryption for flexible hierarchy, which was yet to be known.
Secret keys and the packets transportation for privacy data forwarding method... - eSAT Journals
Abstract: Cloud computing is the process of storing data on a remote server. This process doesn't speak much about the confidentiality and robustness of the data. To improve security and confidentiality, the uploaded file from a data owner is split into multiple packets and stored in multiple cloud servers. These packets are encrypted using the primary key. These different keys are also distributed in multiple key servers. User id is appended for verification. If the data owner forwards the file then the keys are verified for the data access. In this we are proposing sending the secret key as SMS to the shared or forwarded nodes for the process of proper security. This technique integrates the concepts of encryption, encoding and forwarding. Keywords: cloud computing, encryption, storage system
Secret keys and the packets transportation for privacy data forwarding method... - eSAT Publishing House
This document proposes a method for improving data security and privacy in cloud data forwarding. The method involves splitting a data owner's encrypted file into multiple packets, encrypting each packet, and storing the packets and encryption keys across multiple cloud servers. If the data owner wants to forward the file, they send the encrypted packets and verify the recipient's identity. To further enhance security, the decryption key is sent as an SMS rather than over the cloud servers. This integrates concepts of encryption, encoding, and key distribution to improve data confidentiality when files are forwarded in the cloud.
Secure Authorised De-duplication using Convergent Encryption Technique - Eswar Publications
Cloud computing means retrieving and storing information and programs over the Internet instead of your computer's hard drive. To protect the confidentiality of the perceptive data while supporting de-duplication, data is encrypted by the projected convergent encryption method before outsourcing. It makes the first attempt to properly address the problem of authorized data deduplication. We also present some new deduplication constructions supporting authorized duplicate in cloud using symmetric algorithm. Data deduplication is one of the techniques used to solve the repetition of data. The deduplication techniques are commonly used in the cloud server for reducing the space of the server. To prevent unauthorized data access and the generation of duplicate data on the cloud, the encryption technique is used to encrypt the data before it is stored on the cloud server.
- The document discusses a thesis submitted on the Password Authenticated Key Exchange Protocol (PAKE) which allows two parties to establish a secure communication channel by exchanging a secret key based on a shared password.
- It proposes using public key cryptography like RSA to generate a session key, and symmetric key encryption like AES to generate a public key by encrypting the secret key along with the shared password. Hashing with SHA-1 is also used to provide data integrity.
- The implementation uses Java to encrypt and decrypt strings and files to demonstrate that the PAKE protocol provides security even when parties share a simple password.
This document is a thesis submitted by Thivya Devaraj to the University of Limerick for the degree of Master of Engineering in Information and Network Security. The thesis focuses on Password Authenticated Key Exchange (PAKE) protocols. It includes chapters on literature review of existing PAKE protocols, algorithms used such as RSA, AES, and hashing, an overview of the Encrypted Key Exchange protocol, implementation of a PAKE protocol using Java, results, and conclusions. The document provides background on PAKE protocols and evaluates existing approaches before proposing an implementation.
Access control in decentralized online social networks applying a policy hidi... - IGEEKS TECHNOLOGIES
The document proposes a policy-hiding cryptographic scheme for access control in decentralized online social networks that aims to achieve both privacy and performance. Existing DOSNs reveal access policies but some cryptographic variants hide policies at the cost of performance. The proposed scheme uses predicate encryption with a univariate polynomial construction for access policies that drastically improves performance while leaking some policy information. Bloom filters are also used to decrease decryption time and indicate decryptable objects. The goal is to enable privacy-preserving access control without compromising usability in resource-constrained DOSN environments.
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD - Naseem nisar
1. EASiER proposes an encryption-based access control architecture for social networks that uses attribute-based encryption. It introduces a minimally trusted proxy to enable efficient revocation without reissuing keys.
2. Multi-authority attribute based encryption schemes allow multiple authorities to issue secret keys for attributes. This is useful in applications with attributes managed by different authorities.
3. Existing social network privacy architectures focus on encryption-based access control but do not address efficient revocation of users or attributes. EASiER addresses this issue.
This document presents biographical summaries of 10 Dominican historical figures: Gregorio Luperón, Fernando Arturo de Meriño, Ulises Heureaux, Pedro Francisco Bonó, Eugenio Deschamps, Máximo Gómez, Eugenio María de Hostos, Salomé Ureña, Américo Lugo and Ramón Natera. Each section describes their life trajectory and their role in the political and cultural history of the Dominican Republic.
1) The document proposes a system model for secure data sharing in cloud environments using cryptography.
2) It aims to provide data confidentiality, access control of shared data, remove the burden of key management and file encryption/decryption for users, and support dynamic changes to user membership without requiring the data owner to always be online.
3) The proposed system addresses common challenges with secure data sharing in cloud computing like data security, access control, key management, and user revocation and rejoining.
IRJET- Multiple Keyword Search over Encrypted Cloud DataIRJET Journal
This document proposes a system for multi-keyword ranked search over encrypted cloud data. The system consists of four main components: data owners who upload encrypted data to the cloud server, data users who search for and access encrypted files, an administrator server that handles authentication and generates trapdoors for searches, and the cloud server that stores the encrypted data and indexes. When a data user performs a search, the administrator generates an encrypted trapdoor for the keywords to allow searching without revealing the plaintext to the cloud server. Search results are ranked based on factors like download frequency. The proposed system aims to provide secure, authenticated searches over outsourced encrypted data while preserving data privacy.
Key aggregate searchable encryption (kase) for group data sharing via cloud s...Pvrtechnologies Nellore
This document describes a proposed cryptosystem for secure and efficient data sharing in cloud storage. It allows a user to encrypt files with different public keys but send a receiver a single constant-size decryption key that gives decryption rights to any set of ciphertexts. This allows flexible sharing of encrypted data while keeping decryption keys compact. The proposed system aims to address disadvantages of existing approaches like unexpected privilege escalation exposing all data or inefficient key sizes. It provides security based on number-theoretic assumptions without relying on servers for access control.
An efficient, secure deduplication data storing in cloud storage environmenteSAT Journals
This document proposes an efficient and secure method for deduplication of data stored in cloud environments. It describes encrypting data at the client side before uploading to the cloud using convergent encryption. A Merkle tree is used to generate a unique identifier for the encrypted data. Access to encrypted data files is controlled through authorization of decryption keys for authorized cloud users stored in a log file. This approach aims to provide privacy and prevent unauthorized access to outsourced data while allowing controlled sharing between cloud users.
Improving security for data migration in cloud computing using randomized enc...IOSR Journals
1) The document proposes an encryption technique using randomization to improve security for data migration in cloud computing. It aims to address major security issues in cloud data migration like confidentiality, integrity, reliability and data security.
2) The proposed method uses a random key to encrypt data, and then encrypts the random key with a shared key before transmission. This adds an extra layer of security by obscuring the actual encryption key.
3) It is concluded that the randomized encryption technique makes it difficult for attackers to analyze encrypted texts and determine if they correspond to the same plaintext, improving security over existing methods for cloud data migration.
A Hybrid Cloud Approach for Secure Authorized DeduplicationSWAMI06
Data deduplication is one of important data compression techniques for eliminating duplicate copies of repeating data,
and has been widely used in cloud storage to reduce the amount of storage space and save bandwidth. To protect the confidentiality
of sensitive data while supporting deduplication, the convergent encryption technique has been proposed to encrypt the data before
outsourcing. To better protect data security, this paper makes the first attempt to formally address the problem of authorized data
deduplication. Different from traditional deduplication systems, the differential privileges of users are further considered in duplicate
check besides the data itself.We also present several new deduplication constructions supporting authorized duplicate check in a hybrid
cloud architecture. Security analysis demonstrates that our scheme is secure in terms of the definitions specified in the proposed
security model. As a proof of concept, we implement a prototype of our proposed authorized duplicate check scheme and conduct
testbed experiments using our prototype. We show that our proposed authorized duplicate check scheme incurs minimal overhead
compared to normal operations.
This document proposes and compares several privacy-preserving encrypted keyword search schemes for cloud storage. It introduces three main participants in such schemes: users, a key server, and a cloud service provider (CSP). It then describes three specific schemes - Public Key Encryption with Keyword Search (PEKS), Efficient and Privacy Preserving Keyword Search (EPPKS), and Secure and Privacy Preserving Keyword Search (SPKS). PEKS allows searching on encrypted keywords but requires the user to decrypt files. EPPKS offloads some computation to the CSP but is not resistant to statistical attacks. SPKS enables partial decryption by the CSP, reducing user computation costs while preserving privacy and flexibility. The document argues that SPKS provides the
Two Level Auditing Architecture to Maintain Consistent In Cloud - theijes
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
The papers for publication in The International Journal of Engineering & Science are selected through rigorous peer reviews to ensure originality, timeliness, relevance, and readability.
Theoretical work submitted to the Journal should be original in its motivation or modeling structure. Empirical analysis should be based on a theoretical framework and should be capable of replication. It is expected that all materials required for replication (including computer programs and data sets) should be available upon request to the authors.
The International Journal of Engineering & Science would take much care in making your article published without much delay with your kind cooperation.
This document proposes an efficient multi-keyword ranked search (EMRS) scheme over encrypted mobile cloud data through blind storage. The EMRS enables search users to perform multi-keyword searches over encrypted documents stored on a cloud server and receive ranked search results based on relevance. It utilizes techniques like relevance scoring, secure k-nearest neighbor computation, and blind storage to provide search functionality while preserving security and privacy. The scheme is analyzed to demonstrate that it achieves confidentiality of documents and index, trapdoor privacy, trapdoor unlinkability, and conceals access patterns, addressing key security requirements. Experimental results show the EMRS provides improved efficiency and functionality compared to existing proposals.
The document proposes a secure client-side deduplication scheme called KeyD that uses identity-based broadcast encryption instead of independent key management to effectively manage convergent keys for deduplication. KeyD ensures data confidentiality and convergent key security while providing ownership privacy. Experimental results show that KeyD achieves better tradeoffs between storage costs, communication overhead, and computation overhead compared to traditional deduplication schemes.
A Review on Key-Aggregate Cryptosystem for Climbable Knowledge Sharing in Clo... - Editor IJCATR
Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts such that efficient delegation of decryption rights for any set of ciphertexts is possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set in cloud storage, but the other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also describe other applications of our schemes. In particular, our schemes give the first public-key patient controlled encryption for flexible hierarchy, which was yet to be known.
Secret keys and the packets transportation for privacy data forwarding method... - eSAT Journals
Abstract: Cloud computing is the process of storing data on a remote server. This process doesn't say much about the confidentiality and robustness of the data. To improve security and confidentiality, the file uploaded by a data owner is split into multiple packets and stored on multiple cloud servers. These packets are encrypted using the primary key. These different keys are also distributed across multiple key servers. The user ID is appended for verification. If the data owner forwards the file, then the keys are verified for data access. We propose sending the secret key as an SMS to the shared or forwarded nodes for proper security. This technique integrates the concepts of encryption, encoding and forwarding. Keywords: cloud computing, encryption, storage system
Secret keys and the packets transportation for privacy data forwarding method... - eSAT Publishing House
This document proposes a method for improving data security and privacy in cloud data forwarding. The method involves splitting a data owner's encrypted file into multiple packets, encrypting each packet, and storing the packets and encryption keys across multiple cloud servers. If the data owner wants to forward the file, they send the encrypted packets and verify the recipient's identity. To further enhance security, the decryption key is sent as an SMS rather than over the cloud servers. This integrates concepts of encryption, encoding, and key distribution to improve data confidentiality when files are forwarded in the cloud.
Secure Authorised De-duplication using Convergent Encryption Technique - Eswar Publications
Cloud computing means retrieving and storing information and programs over the Internet instead of on your computer's hard drive. To protect the confidentiality of the perceptive data while supporting de-duplication, data is encrypted by the projected convergent encryption method before outsourcing. It makes the first attempt to properly address the problem of authorized data deduplication. We also present some new deduplication constructions supporting authorized duplicate check in the cloud using a symmetric algorithm. Data deduplication is one of the techniques used to solve the repetition of data. Deduplication techniques are commonly used on the cloud server to reduce the space used on the server. To prevent unauthorized data access and the generation of duplicate data on the cloud, the encryption technique is used to encrypt the data before it is stored on the cloud server.
- The document discusses a thesis submitted on the Password Authenticated Key Exchange Protocol (PAKE) which allows two parties to establish a secure communication channel by exchanging a secret key based on a shared password.
- It proposes using public key cryptography like RSA to generate a session key, and symmetric key encryption like AES to generate a public key by encrypting the secret key along with the shared password. Hashing with SHA-1 is also used to provide data integrity.
- The implementation uses Java to encrypt and decrypt strings and files to demonstrate that the PAKE protocol provides security even when parties share a simple password.
This document is a thesis submitted by Thivya Devaraj to the University of Limerick for the degree of Master of Engineering in Information and Network Security. The thesis focuses on Password Authenticated Key Exchange (PAKE) protocols. It includes chapters on literature review of existing PAKE protocols, algorithms used such as RSA, AES, and hashing, an overview of the Encrypted Key Exchange protocol, implementation of a PAKE protocol using Java, results, and conclusions. The document provides background on PAKE protocols and evaluates existing approaches before proposing an implementation.
Access control in decentralized online social networks applying a policy hidi... - IGEEKS TECHNOLOGIES
The document proposes a policy-hiding cryptographic scheme for access control in decentralized online social networks that aims to achieve both privacy and performance. Existing DOSNs reveal access policies but some cryptographic variants hide policies at the cost of performance. The proposed scheme uses predicate encryption with a univariate polynomial construction for access policies that drastically improves performance while leaking some policy information. Bloom filters are also used to decrease decryption time and indicate decryptable objects. The goal is to enable privacy-preserving access control without compromising usability in resource-constrained DOSN environments.
KEY AGGREGATE CRYPTOSYSTEM FOR SCALABLE DATA SHARING IN CLOUD - Naseem nisar
1. EASiER proposes an encryption-based access control architecture for social networks that uses attribute-based encryption. It introduces a minimally trusted proxy to enable efficient revocation without reissuing keys.
2. Multi-authority attribute based encryption schemes allow multiple authorities to issue secret keys for attributes. This is useful in applications with attributes managed by different authorities.
3. Existing social network privacy architectures focus on encryption-based access control but do not address efficient revocation of users or attributes. EASiER addresses this issue.
This document presents biographical summaries of 10 Dominican historical figures: Gregorio Luperón, Fernando Arturo de Meriño, Ulises Heureaux, Pedro Francisco Bonó, Eugenio Deschamps, Máximo Gómez, Eugenio María de Hostos, Salomé Ureña, Américo Lugo and Ramón Natera. Each section describes their life and their role in the political and cultural history of the Dominican Republic.
The Haitian Revolution unfolded in several stages: 1) the contradictions among the whites and the mulattoes' demands for rights set off the revolution, 2) the slaves rebelled in search of their freedom, and 3) foreign intervention and France's proclamation of freedom for the slaves brought the leader Toussaint Louverture to power, establishing a military dictatorship and abolishing slavery.
Socialism proposes ownership and administration of the means of production by the working classes in order to achieve political, social and economic equality. It arose as a protest against capitalism in the 19th century, due to the exploitation of workers and mechanization. It proposes collective ownership and state control of the economy in place of private property. Some of its forerunners were Robert Owen, Karl Marx and Friedrich Engels.
This document discusses anti-parkinson agents. It outlines their objectives, indications, contraindications, mechanisms of action, dosages, side effects, and nurses' responsibilities regarding these drugs. Anti-parkinson agents work by increasing dopamine activity or reducing acetylcholine activity in the central nervous system. They are used to treat drug-induced parkinsonism and as an adjunct for parkinsonism. Common side effects include dizziness, drowsiness, weakness, and dry mouth. Nurses should monitor for side effects and educate patients on proper usage.
This document outlines the key aspects of seminars as a teaching method. It defines a seminar as an interactive group discussion, typically involving 10-20 students, where one student presents a paper for 15-20 minutes to be discussed. The purposes of seminars are to promote independent and critical learning, student involvement, and a sense of responsibility and community. The roles of the teacher are to structure discussions and ensure all students participate, while students are responsible for leading discussions and organizing seminars. Advantages include active learning, analytical thinking, and communication skills, while the main limitation is the time-consuming nature of seminars.
Behavior therapy is a form of treatment that establishes a professional relationship between a trained person and a patient to modify or remove symptoms and promote growth. It is based on assumptions that all behavior is learned, maladaptive behavior can be unlearned and replaced, and treatment strategies are individually tailored. Common behavior techniques include systematic desensitization, flooding, aversion therapy, operant conditioning using reinforcement or punishment, and assertiveness/social skills training.
Atelectasis is the collapse or closure of the lungs caused by the absence of air in parts of the lung. It develops when alveoli become airless and collapse. Common causes include obstruction of the airways, diminished lung expansion, retained secretions, altered breathing patterns during anesthesia or sedation, and compression of the lungs. Symptoms may include cough, difficulty breathing, and low oxygen levels. Treatment focuses on removing obstructions and secretions through techniques like suctioning, chest physiotherapy, and bronchodilators to reinflate the lungs. More severe cases may require procedures like bronchoscopy or mechanical ventilation.
The document discusses secure data sharing in cloud storage using a key-aggregate cryptosystem (KAC) which allows efficient delegation of decryption rights for any set of ciphertexts. KAC produces constant size ciphertexts and allows any set of secret keys to be aggregated into a single key encompassing the power of the keys being aggregated. This aggregate key can then be sent to others for decryption of the ciphertext set while keeping files outside the set confidential.
key aggregate cryptosystem for scalable data sharing in cloud storage abstract - Sanjana Yemajala
This document proposes a key-aggregate cryptosystem (KAC) for securely and flexibly sharing encrypted data in cloud storage. KAC allows a data owner to encrypt files under different class identifiers and generate a single aggregate key encompassing decryption power for any chosen ciphertext class set. This aggregate key can be sent through limited secure channels like email, addressing disadvantages of traditional approaches that require sending many distinct secret keys. The proposed solution could help Alice securely share specific encrypted files on Dropbox with Bob by sending him a single aggregate key.
key aggregate cryptosystem for scalable data sharing in cloud - Sravan Narra
The document proposes a new key-aggregate cryptosystem (KAC) for secure and efficient data sharing in cloud storage. KAC allows encrypting data under a public key and identifier, and extracting an aggregate secret key from a master secret key. The aggregate key is compact yet provides decryption power for any subset of ciphertexts. This allows flexible delegation of decryption rights by sending a constant-sized aggregate key for sharing encrypted data on cloud storage. Formal security analysis is provided for the cryptosystem in the standard model.
This document proposes a key-aggregate encryption scheme called Input Cumulative Cryptosystem for secure and scalable data sharing in cloud computing. The scheme allows a data owner to generate a constant-size aggregate decryption key that can decrypt multiple ciphertexts. The key has the combined decryption power of all individual secret keys. An intrusion detection system also monitors communication between hosts to only allow data sharing between trusted hosts, improving security. The proposed system aims to address issues with existing approaches that require distributing multiple decryption keys or have fixed hierarchies for access control. It allows flexible delegation of decryption rights for dynamic sets of ciphertexts in cloud storage.
iaetsd Secured multiple keyword ranked search over encrypted databases - Iaetsd Iaetsd
This document proposes a Robust Key-Aggregate Cryptosystem (RKAC) that allows flexible and efficient assignment of decryption rights for encrypted data stored in cloud storage. The RKAC produces constant-sized ciphertexts such that a constant-sized aggregate decryption key can decrypt any subset of ciphertexts. This allows the data owner to share access to selected encrypted files by sending a single small aggregate key to authorized users, without decrypting the files themselves or distributing individual keys. The RKAC is described as providing a secure and flexible method for sharing encrypted data stored in the cloud.
Key aggregate searchable encryption (kase) for group data sharing via cloud s... - CloudTechnologies
The capability of selectively sharing encrypted data with different users via public cloud storage may greatly ease security concerns over unintended data leaks in the cloud. A key challenge in designing such encryption schemes is the efficient management of encryption keys. The desired flexibility of sharing any group of selected documents with any group of users requires different encryption keys to be used for different documents. However, this also implies the need to securely distribute to users a large number of keys for both encryption and search, and those users will have to securely store the received keys and submit an equally large number of keyword trapdoors to the cloud in order to perform search over the shared data. The implied need for secure communication, storage, and complexity clearly renders the approach impractical. In this work, a data owner only needs to distribute a single key to a user for sharing a very large number of documents, and the user only needs to submit a single trapdoor to the cloud for querying the shared documents. User revocation is used for key updating. Forward secrecy and backward secrecy are used.
Secured architecture for multi cloud using key aggregation technique - eSAT Journals
Abstract: Data storage and data sharing are the most important aspects of cloud computing, so sharing data and storing it in a secure way is the biggest task when adopting cloud services. In this paper, we discuss how to share and store data effectively in a way that prevents third parties from accessing the secure data in cloud storage. This article provides a survey of using multiple clouds to achieve security. We introduce a public-key encryption scheme known as the Key-Aggregate Cryptosystem (KAC). Cryptography is a technique which encodes data using some key and produces unreadable data so that only the desired party is able to decode that data. KAC produces constant-size ciphertexts (unreadable data) such that decryption rights for any set of ciphertexts are possible; that is, one can aggregate any set of secret keys and make them as compact as a single key, while encompassing the power of all the keys being aggregated. This aggregate key is sent to others via a secure channel (or via email) for decrypting the ciphertext set, and the remaining files outside the set remain secret. Keywords: Cloud, multicloud, key-aggregate encryption, data storage, data sharing and security.
JPJ1408 Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage - chennaijp
Secure Data Sharing Using Compact Summation key in Hybrid Cloud Storage - IOSR Journals
This document proposes a new encryption scheme called compact summation key encryption for secure data sharing in hybrid cloud storage. It aims to address limitations of existing approaches like predefined hierarchical schemes, attribute-based encryption, and identity-based encryption which cannot provide security to individual files or have non-constant size keys. The new scheme uses five algorithms: setup, key generation, encryption, extraction and decryption. It generates constant size public and master secret keys. Encryption uses file indexes and bilinear groups to create ciphertexts. Extraction combines decryption keys into a single compact summation key using bilinear pairing operations. This key can then decrypt ciphertexts for multiple file indexes, improving flexibility and efficiency of secure data sharing in cloud storage.
A PRACTICAL CLIENT APPLICATION BASED ON ATTRIBUTE-BASED ACCESS CONTROL FOR UN... - cscpconf
One of the widely used cryptographic primitives for cloud applications is Attribute Based Encryption (ABE), where users can have their own attributes and a ciphertext is encrypted by an access policy. Though ABE provides many benefits, the novelty often only exists in the academic world and it is often difficult to find a practical use of ABE for a real application. In this paper, we discuss the design and implementation of a cloud storage client application which supports the concept of ABE. Our proposed client provides an effective access control mechanism where it allows different types of access policy to be defined, thus allowing large datasets to be shared by multiple users. Using different access policies, each user only needs to access a small part of the big data. The goal of our experiment is to explore the right set of strategies for developing a practical ABE-based system. Through the implementation and evaluation, we have determined the various characteristics and issues associated with developing a practical ABE-based application.
The document summarizes key-aggregate cryptosystem (KAC), which allows efficient and flexible sharing of encrypted
data in cloud storage. KAC encrypts data under a public key and ciphertext class. The key owner can generate an
aggregate decryption key that decrypts any ciphertext whose class is contained in the key, while keeping a constant size.
This compact aggregate key can be shared to delegate decryption rights for a set of ciphertexts, without sharing individual
keys. KAC schemes aim to achieve constant-size ciphertexts, public keys, master secrets and aggregate keys to enable
flexible and efficient data sharing in cloud storage.
Iaetsd an efficient secure scheme for multi user in cloud - Iaetsd Iaetsd
This document proposes a secure multi-owner data sharing scheme for dynamic groups in the cloud. The scheme allows any user within a group to securely share data with others through a trusted cloud. It supports efficient dynamic groups where new users can directly access and modify files uploaded before their participation without contacting owners. User revocation is achieved through a public revocation list without changing remaining user keys. The scheme provides anonymity and security while ensuring storage and computation overhead remain constant regardless of revoked users. It aims to address challenges with existing systems through increasing redundancy of group managers and distributing workload across managers.
Audit free cloud storage via deniable attribute based encryption - Kamal Spring
Cloud storage services have become increasingly popular. Because of the importance of privacy, many cloud storage encryption schemes have been proposed to protect data from those who do not have access. All such schemes assumed that cloud storage providers are safe and cannot be hacked; however, in practice, some authorities (i.e., coercers) may force cloud storage providers to reveal user secrets or confidential data on the cloud, thus altogether circumventing storage encryption schemes. In this paper, we present our design for a new cloud storage encryption scheme that enables cloud storage providers to create convincing fake user secrets to protect user privacy. Since coercers cannot tell if obtained secrets are true or not, the cloud storage providers ensure that user privacy is still securely protected. Most of the proposed schemes assume cloud storage service providers or trusted third parties handling key management are trusted and cannot be hacked; however, in practice, some entities may intercept communications between users and cloud storage providers and then compel storage providers to release user secrets by using government power or other means. In this case, encrypted data are assumed to be known and storage providers are requested to release user secrets.
International Journal of Engineering Research and Development (IJERD) - IJERD Editor
Key aggregate cryptosystem for scalable data sharing in cloud storage - Mugesh Mukkandan
This document proposes a key-aggregate cryptosystem (KAC) to securely and efficiently share data in cloud storage. KAC allows data owners to generate constant-sized decryption keys that delegate access to any subset of encrypted files, without increasing key size. It describes the existing approaches that encrypt data before uploading but have increasing costs as more decryption keys are shared. The proposed KAC system uses a special public-key encryption technique that produces constant-sized aggregate decryption keys that can decrypt any ciphertext associated with attribute classes contained in the key. It outlines the authentication, encryption, sharing, and decryption modules and concludes that KAC provides a more flexible delegation method compared to hierarchical key assignment.
Secure Data Sharing and Search in Cloud Based Data Using Authoritywise Dynami... - IOSRjournaljce
Data sharing is an important functionality in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts such that efficient delegation of decryption rights for any set of ciphertexts is possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. Ensuring the security of cloud computing is the second major factor to deal with: because of service availability failures and the possibility of malicious insiders in the single cloud, single cloud providers have become less popular. A movement towards multi-clouds, in other words "inter-clouds" or "cloud-of-clouds", has emerged recently. This work aims to reduce security risk and provide better flexibility and efficiency to the user. A multi-cloud environment has the ability to reduce security risks, and it can also ensure security and reliability.
Similar to Ieeepro techno solutions 2014 ieee dotnet project -key-aggregate cryptosystem for scalable data sharing in cloud storage (20)
This document proposes and defines the problem of privacy-preserving multi-keyword ranked search over encrypted cloud data (MRSE). It establishes strict privacy requirements for such a system, including data privacy, index privacy, keyword privacy and trapdoor privacy. It presents the MRSE framework with four algorithms: Setup, BuildIndex, Trapdoor and Query. The Query algorithm allows cloud servers to perform a ranked search on encrypted indexes and return similarity-ranked results, while preserving privacy.
This document summarizes a research paper that assesses collaboration frameworks in multi-cloud environments. It explores the viability of cloud service providers collaborating to offer diverse services without heavy infrastructure spending. The paper reviews several proposed collaboration models and frameworks, including a proxy-based framework using different types of proxies, a unified multi-cloud infrastructure using open service models and configurable federations, and a proxy-as-cloud-broker model using dynamic scheduling algorithms. The paper concludes that multi-cloud environments can eliminate vendor lock-in for consumers and allow services to be accessed based on preference and need rather than a single provider. Key challenges to collaboration include standardization and security across provider platforms and services.
The document proposes a method called RAndom Space Perturbation (RASP) to provide secure and efficient range and k-nearest neighbor (kNN) query services for protected data hosted in the cloud. RASP combines order preserving encryption, dimensionality expansion, random noise injection, and random projection to transform data in a way that preserves the topology of multidimensional ranges, allowing for efficient query processing while providing strong confidentiality guarantees. The authors analyze attacks on the RASP-protected data and queries under a defined threat model and security assumptions. Experimental results demonstrate advantages of the RASP approach in efficiency and security for cloud-based query services.
Redefining brain tumor segmentation: a cutting-edge convolutional neural netw... - IJECEIAES
Medical image analysis has witnessed significant advancements with deep learning techniques. In the domain of brain tumor segmentation, the ability to
precisely delineate tumor boundaries from magnetic resonance imaging (MRI)
scans holds profound implications for diagnosis. This study presents an ensemble convolutional neural network (CNN) with transfer learning, integrating
the state-of-the-art Deeplabv3+ architecture with the ResNet18 backbone. The
model is rigorously trained and evaluated, exhibiting remarkable performance
metrics, including an impressive global accuracy of 99.286%, a high-class accuracy of 82.191%, a mean intersection over union (IoU) of 79.900%, a weighted
IoU of 98.620%, and a Boundary F1 (BF) score of 83.303%. Notably, a detailed comparative analysis with existing methods showcases the superiority of
our proposed model. These findings underscore the model’s competence in precise brain tumor localization, underscoring its potential to revolutionize medical
image analysis and enhance healthcare outcomes. This research paves the way
for future exploration and optimization of advanced CNN models in medical
imaging, emphasizing addressing false positives and resource efficiency.
A review on techniques and modelling methodologies used for checking electrom...nooriasukmaningtyas
The proper function of the integrated circuit (IC) in an inhibiting electromagnetic environment has always been a serious concern throughout the decades of revolution in the world of electronics, from disjunct devices to today’s integrated circuit technology, where billions of transistors are combined on a single chip. The automotive industry and smart vehicles in particular, are confronting design issues such as being prone to electromagnetic interference (EMI). Electronic control devices calculate incorrect outputs because of EMI and sensors give misleading values which can prove fatal in case of automotives. In this paper, the authors have non exhaustively tried to review research work concerned with the investigation of EMI in ICs and prediction of this EMI using various modelling methodologies and measurement setups.
DEEP LEARNING FOR SMART GRID INTRUSION DETECTION: A HYBRID CNN-LSTM-BASED MODELgerogepatton
As digital technology becomes more deeply embedded in power systems, protecting the communication
networks of Smart Grids (SG) has emerged as a critical concern. Distributed Network Protocol 3 (DNP3)
represents a multi-tiered application layer protocol extensively utilized in Supervisory Control and Data
Acquisition (SCADA)-based smart grids to facilitate real-time data gathering and control functionalities.
Robust Intrusion Detection Systems (IDS) are necessary for early threat detection and mitigation because
of the interconnection of these networks, which makes them vulnerable to a variety of cyberattacks. To
solve this issue, this paper develops a hybrid Deep Learning (DL) model specifically designed for intrusion
detection in smart grids. The proposed approach is a combination of the Convolutional Neural Network
(CNN) and the Long-Short-Term Memory algorithms (LSTM). We employed a recent intrusion detection
dataset (DNP3), which focuses on unauthorized commands and Denial of Service (DoS) cyberattacks, to
train and test our model. The results of our experiments show that our CNN-LSTM method is much better
at finding smart grid intrusions than other deep learning algorithms used for classification. In addition,
our proposed approach improves accuracy, precision, recall, and F1 score, achieving a high detection
accuracy rate of 99.50%.
International Conference on NLP, Artificial Intelligence, Machine Learning an...gerogepatton
International Conference on NLP, Artificial Intelligence, Machine Learning and Applications (NLAIM 2024) offers a premier global platform for exchanging insights and findings in the theory, methodology, and applications of NLP, Artificial Intelligence, Machine Learning, and their applications. The conference seeks substantial contributions across all key domains of NLP, Artificial Intelligence, Machine Learning, and their practical applications, aiming to foster both theoretical advancements and real-world implementations. With a focus on facilitating collaboration between researchers and practitioners from academia and industry, the conference serves as a nexus for sharing the latest developments in the field.
Comparative analysis between traditional aquaponics and reconstructed aquapon...bijceesjournal
The aquaponic system of planting is a method that does not require soil usage. It is a method that only needs water, fish, lava rocks (a substitute for soil), and plants. Aquaponic systems are sustainable and environmentally friendly. Its use not only helps to plant in small spaces but also helps reduce artificial chemical use and minimizes excess water use, as aquaponics consumes 90% less water than soil-based gardening. The study applied a descriptive and experimental design to assess and compare conventional and reconstructed aquaponic methods for reproducing tomatoes. The researchers created an observation checklist to determine the significant factors of the study. The study aims to determine the significant difference between traditional aquaponics and reconstructed aquaponics systems propagating tomatoes in terms of height, weight, girth, and number of fruits. The reconstructed aquaponics system’s higher growth yield results in a much more nourished crop than the traditional aquaponics system. It is superior in its number of fruits, height, weight, and girth measurement. Moreover, the reconstructed aquaponics system is proven to eliminate all the hindrances present in the traditional aquaponics system, which are overcrowding of fish, algae growth, pest problems, contaminated water, and dead fish.
Understanding Inductive Bias in Machine LearningSUTEJAS
This presentation explores the concept of inductive bias in machine learning. It explains how algorithms come with built-in assumptions and preferences that guide the learning process. You'll learn about the different types of inductive bias and how they can impact the performance and generalizability of machine learning models.
The presentation also covers the positive and negative aspects of inductive bias, along with strategies for mitigating potential drawbacks. We'll explore examples of how bias manifests in algorithms like neural networks and decision trees.
By understanding inductive bias, you can gain valuable insights into how machine learning models work and make informed decisions when building and deploying them.
TIME DIVISION MULTIPLEXING TECHNIQUE FOR COMMUNICATION SYSTEMHODECEDSIET
Time Division Multiplexing (TDM) is a method of transmitting multiple signals over a single communication channel by dividing the signal into many segments, each having a very short duration of time. These time slots are then allocated to different data streams, allowing multiple signals to share the same transmission medium efficiently. TDM is widely used in telecommunications and data communication systems.
### How TDM Works
1. **Time Slots Allocation**: The core principle of TDM is to assign distinct time slots to each signal. During each time slot, the respective signal is transmitted, and then the process repeats cyclically. For example, if there are four signals to be transmitted, the TDM cycle will divide time into four slots, each assigned to one signal.
2. **Synchronization**: Synchronization is crucial in TDM systems to ensure that the signals are correctly aligned with their respective time slots. Both the transmitter and receiver must be synchronized to avoid any overlap or loss of data. This synchronization is typically maintained by a clock signal that ensures time slots are accurately aligned.
3. **Frame Structure**: TDM data is organized into frames, where each frame consists of a set of time slots. Each frame is repeated at regular intervals, ensuring continuous transmission of data streams. The frame structure helps in managing the data streams and maintaining the synchronization between the transmitter and receiver.
4. **Multiplexer and Demultiplexer**: At the transmitting end, a multiplexer combines multiple input signals into a single composite signal by assigning each signal to a specific time slot. At the receiving end, a demultiplexer separates the composite signal back into individual signals based on their respective time slots.
### Types of TDM
1. **Synchronous TDM**: In synchronous TDM, time slots are pre-assigned to each signal, regardless of whether the signal has data to transmit or not. This can lead to inefficiencies if some time slots remain empty due to the absence of data.
2. **Asynchronous TDM (or Statistical TDM)**: Asynchronous TDM addresses the inefficiencies of synchronous TDM by allocating time slots dynamically based on the presence of data. Time slots are assigned only when there is data to transmit, which optimizes the use of the communication channel.
### Applications of TDM
- **Telecommunications**: TDM is extensively used in telecommunication systems, such as in T1 and E1 lines, where multiple telephone calls are transmitted over a single line by assigning each call to a specific time slot.
- **Digital Audio and Video Broadcasting**: TDM is used in broadcasting systems to transmit multiple audio or video streams over a single channel, ensuring efficient use of bandwidth.
- **Computer Networks**: TDM is used in network protocols and systems to manage the transmission of data from multiple sources over a single network medium.
### Advantages of TDM
- **Efficient Use of Bandwidth**: TDM all
Electric vehicle and photovoltaic advanced roles in enhancing the financial p...IJECEIAES
Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network
Presentation of IEEE Slovenia CIS (Computational Intelligence Society) Chapte...University of Maribor
Slides from talk presenting:
Aleš Zamuda: Presentation of IEEE Slovenia CIS (Computational Intelligence Society) Chapter and Networking.
Presentation at IcETRAN 2024 session:
"Inter-Society Networking Panel GRSS/MTT-S/CIS
Panel Session: Promoting Connection and Cooperation"
IEEE Slovenia GRSS
IEEE Serbia and Montenegro MTT-S
IEEE Slovenia CIS
11TH INTERNATIONAL CONFERENCE ON ELECTRICAL, ELECTRONIC AND COMPUTING ENGINEERING
3-6 June 2024, Niš, Serbia
Embedded machine learning-based road conditions and driving behavior monitoringIJECEIAES
Car accident rates have increased in recent years, resulting in losses in human lives, properties, and other financial costs. An embedded machine learning-based system is developed to address this critical issue. The system can monitor road conditions, detect driving patterns, and identify aggressive driving behaviors. The system is based on neural networks trained on a comprehensive dataset of driving events, driving styles, and road conditions. The system effectively detects potential risks and helps mitigate the frequency and impact of accidents. The primary goal is to ensure the safety of drivers and vehicles. Collecting data involved gathering information on three key road events: normal street and normal drive, speed bumps, circular yellow speed bumps, and three aggressive driving actions: sudden start, sudden stop, and sudden entry. The gathered data is processed and analyzed using a machine learning system designed for limited power and memory devices. The developed system resulted in 91.9% accuracy, 93.6% precision, and 92% recall. The achieved inference time on an Arduino Nano 33 BLE Sense with a 32-bit CPU running at 64 MHz is 34 ms and requires 2.6 kB peak RAM and 139.9 kB program flash memory, making it suitable for resource-constrained embedded systems.
Ieeepro techno solutions 2014 ieee dotnet project -key-aggregate cryptosystem for scalable data sharing in cloud storage
Key-Aggregate Cryptosystem for Scalable Data Sharing in Cloud Storage
Cheng-Kang Chu, Sherman S. M. Chow, Wen-Guey Tzeng, Jianying Zhou, and Robert H. Deng, Senior Member, IEEE
Abstract—Data sharing is an important functionality in cloud storage. In this article, we show how to securely, efficiently, and flexibly share data with others in cloud storage. We describe new public-key cryptosystems which produce constant-size ciphertexts such that efficient delegation of decryption rights for any set of ciphertexts is possible. The novelty is that one can aggregate any set of secret keys and make them as compact as a single key, but encompassing the power of all the keys being aggregated. In other words, the secret key holder can release a constant-size aggregate key for flexible choices of ciphertext set in cloud storage, but the other encrypted files outside the set remain confidential. This compact aggregate key can be conveniently sent to others or be stored in a smart card with very limited secure storage. We provide formal security analysis of our schemes in the standard model. We also describe other applications of our schemes. In particular, our schemes give the first public-key patient-controlled encryption for flexible hierarchy, which was yet to be known.
Index Terms—Cloud storage, data sharing, key-aggregate encryption, patient-controlled encryption
1 INTRODUCTION
Cloud storage is gaining popularity recently. In enterprise settings, we see the rise in demand for data outsourcing, which assists in the strategic management of corporate data. It is also used as a core technology behind many online services for personal applications. Nowadays, it is easy to apply for free accounts for email, photo album, file sharing and/or remote access, with storage size more than 25GB (or a few dollars for more than 1TB). Together with the current wireless technology, users can access almost all of their files and emails by a mobile phone in any corner of the world.
Considering data privacy, a traditional way to ensure it is to rely on the server to enforce the access control after authentication (e.g., [1]), which means any unexpected privilege escalation will expose all data. In a shared-tenancy cloud computing environment, things become even worse. Data from different clients can be hosted on separate virtual machines (VMs) but reside on a single physical machine. Data in a target VM could be stolen by instantiating another VM co-resident with the target one [2]. Regarding availability of files, there are a series of cryptographic schemes which go as far as allowing a third-party auditor to check the availability of files on behalf of the data owner without leaking anything about the data [3], or without compromising the data owner’s anonymity [4]. Likewise, cloud users probably will not hold the strong belief that the cloud server is doing a good job in terms of confidentiality. A cryptographic solution, e.g., [5], with proven security that relies on number-theoretic assumptions is more desirable, whenever the user is not perfectly happy with trusting the security of the VM or the honesty of the technical staff. These users are motivated to encrypt their data with their own keys before uploading them to the server.
• C.-K. Chu and J. Zhou are with the Cryptography and Security Department at Institute for Infocomm Research, Singapore.
• S. S.-M. Chow is with the Department of Information Engineering, Chinese University of Hong Kong.
• W.-G. Tzeng is with the Department of Computer Science, National Chiao Tung University, Taiwan.
• R. H. Deng is with the School of Information Systems, Singapore Management University.
• This work was supported by the Singapore A*STAR project SecDC-112172014.
Data sharing is an important functionality in cloud storage. For example, bloggers can let their friends view a subset of their private pictures; an enterprise may grant her employees access to a portion of sensitive data. The challenging problem is how to effectively share encrypted data. Of course users can download the encrypted data from the storage, decrypt them, then send them to others for sharing, but it loses the value of cloud storage. Users should be able to delegate the access rights of the sharing data to others so that they can access these data from the server directly. However, finding an efficient and secure way to share partial data in cloud storage is not trivial. Below we will take Dropbox¹ as an example for illustration.
1. http://www.dropbox.com
IEEE Transactions on Parallel and Distributed Systems. Volume: 25, Issue: 2. Year: 2014.
Assume that Alice puts all her private photos on Dropbox, and she does not want to expose her photos to everyone. Due to various data leakage possibilities, Alice cannot feel relieved by just relying on the privacy protection mechanisms provided by Dropbox, so she encrypts all the photos using her own keys before uploading. One day, Alice’s friend, Bob, asks her to share the photos taken over all these years which Bob appeared in. Alice can then use the share function of Dropbox, but the problem now is how to delegate the decryption rights for these photos to Bob. A possible option Alice can choose is to securely send Bob the secret keys involved. Naturally, there are two extreme ways for her under the traditional encryption paradigm:
• Alice encrypts all files with a single encryption key and gives Bob the corresponding secret key directly.
• Alice encrypts files with distinct keys and sends Bob the corresponding secret keys.
Obviously, the first method is inadequate since all unchosen data may be also leaked to Bob. For the second method, there are practical concerns on efficiency. The number of such keys is as many as the number of the shared photos, say, a thousand. Transferring these secret keys inherently requires a secure channel, and storing these keys requires rather expensive secure storage. The costs and complexities involved generally increase with the number of the decryption keys to be shared. In short, it is very heavy and costly to do that.
Encryption keys also come with two flavors — symmetric key or asymmetric (public) key. Using symmetric encryption, when Alice wants the data to be originated from a third party, she has to give the encryptor her secret key; obviously, this is not always desirable. By contrast, the encryption key and decryption key are different in public-key encryption. The use of public-key encryption gives more flexibility for our applications. For example, in enterprise settings, every employee can upload encrypted data on the cloud storage server without the knowledge of the company’s master-secret key.
Therefore, the best solution for the above problem is that Alice encrypts files with distinct public-keys, but only sends Bob a single (constant-size) decryption key. Since the decryption key should be sent via a secure channel and kept secret, small key size is always desirable. For example, we cannot expect large storage for decryption keys in resource-constrained devices like smart phones, smart cards or wireless sensor nodes. In particular, these secret keys are usually stored in tamper-proof memory, which is relatively expensive. The present research efforts mainly focus on minimizing the communication requirements (such as bandwidth, rounds of communication) like aggregate signature [6]. However, not much has been done about the key itself (see Section 3 for more details).
1.1 Our Contributions
In modern cryptography, a fundamental problem we often study is about leveraging the secrecy of a small piece of knowledge into the ability to perform cryptographic functions (e.g. encryption, authentication) multiple times. In this paper, we study how to make a decryption key more powerful in the sense that it allows decryption of multiple ciphertexts, without increasing its size. Specifically, our problem statement is –
“To design an efficient public-key encryption scheme which supports flexible delegation in the sense that any subset of the ciphertexts (produced by the encryption scheme) is decryptable by a constant-size decryption key (generated by the owner of the master-secret key).”
Fig. 1. Alice shares files with identifiers 2, 3, 6 and 8 with Bob by sending him a single aggregate key.
We solve this problem by introducing a special type of public-key encryption which we call key-aggregate cryptosystem (KAC). In KAC, users encrypt a message not only under a public-key, but also under an identifier of ciphertext called class. That means the ciphertexts are further categorized into different classes. The key owner holds a master-secret called master-secret key, which can be used to extract secret keys for different classes. More importantly, the extracted key can be an aggregate key which is as compact as a secret key for a single class, but aggregates the power of many such keys, i.e., the decryption power for any subset of ciphertext classes.
With our solution, Alice can simply send Bob a single aggregate key via a secure e-mail. Bob can download the encrypted photos from Alice’s Dropbox space and then use this aggregate key to decrypt these encrypted photos. The scenario is depicted in Figure 1.
The sizes of ciphertext, public-key, master-secret key and aggregate key in our KAC schemes are all of constant size. The public system parameter has size linear in the number of ciphertext classes, but only a small part of it is needed each time and it can be fetched on demand from large (but non-confidential) cloud storage.
Previous results may achieve a similar property featuring a constant-size decryption key, but the classes need to conform to some pre-defined hierarchical relationship. Our work is flexible in the sense that this constraint is eliminated, that is, no special relation is required between the classes. The detail and other related works can be found in Section 3.
We propose several concrete KAC schemes with different security levels and extensions in this article. All constructions can be proven secure in the standard model. To the best of our knowledge, our aggregation mechanism² in KAC has not been investigated.
2 KEY-AGGREGATE ENCRYPTION
We first give the framework and definition for key-aggregate encryption. Then we describe how to use KAC in a scenario of its application in cloud storage.
2.1 Framework
A key-aggregate encryption scheme consists of five polynomial-time algorithms as follows.
The data owner establishes the public system parameter via Setup and generates a public/master-secret³ key pair via KeyGen. Messages can be encrypted via Encrypt by anyone who also decides what ciphertext class is associated with the plaintext message to be encrypted. The data owner can use the master-secret to generate an aggregate decryption key for a set of ciphertext classes via Extract. The generated keys can be passed to delegatees securely (via secure e-mails or secure devices). Finally, any user with an aggregate key can decrypt any ciphertext provided that the ciphertext’s class is contained in the aggregate key via Decrypt⁴.
• Setup(1^λ, n): executed by the data owner to set up an account on an untrusted server. On input a security level parameter 1^λ and the number of ciphertext classes n (i.e., class index should be an integer bounded by 1 and n), it outputs the public system parameter param, which is omitted from the input of the other algorithms for brevity.
• KeyGen: executed by the data owner to randomly generate a public/master-secret key pair (pk, msk).
• Encrypt(pk, i, m): executed by anyone who wants to encrypt data. On input a public-key pk, an index i denoting the ciphertext class, and a message m, it outputs a ciphertext C.
• Extract(msk, S): executed by the data owner for delegating the decrypting power for a certain set of ciphertext classes to a delegatee. On input the master-secret key msk and a set S of indices corresponding to different classes, it outputs the aggregate key for set S denoted by K_S.
• Decrypt(K_S, S, i, C): executed by a delegatee who received an aggregate key K_S generated by Extract. On input K_S, the set S, an index i denoting the ciphertext class the ciphertext C belongs to, and C, it outputs the decrypted result m if i ∈ S.
2. It is obvious that we are not proposing an algorithm to compress the decryption key. On one hand, cryptographic keys come from a high-entropy source and are hardly compressible. On the other hand, decryption keys for all possible combinations of ciphertext classes are all in constant-size — information theoretically speaking such compression scheme cannot exist.
3. We call this as master-secret key to avoid confusion with the delegated key we will explain later.
4. For simplicity, we omit the inclusion of a decryption algorithm for the original data owner using the master-secret key. In our specific constructions, we will show how the knowledge of the master-secret key allows a faster decryption than using Extract followed by Decrypt.
There are two functional requirements:
• Correctness: For any integers λ and n, any set S ⊆ {1, ..., n}, any index i ∈ S and any message m,
Pr[Decrypt(K_S, S, i, C) = m : param ← Setup(1^λ, n), (pk, msk) ← KeyGen(), C ← Encrypt(pk, i, m), K_S ← Extract(msk, S)] = 1.
• Compactness: For any integers λ, n, any set S, any index i ∈ S and any message m; param ← Setup(1^λ, n), (pk, msk) ← KeyGen(), K_S ← Extract(msk, S) and C ← Encrypt(pk, i, m); |K_S| and |C| only depend on the security parameter λ but are independent of the number of classes n.
2.2 Sharing Encrypted Data
A canonical application of KAC is data sharing. The key aggregation property is especially useful when we expect the delegation to be efficient and flexible. The schemes enable a content provider to share her data in a confidential and selective way, with a fixed and small ciphertext expansion, by distributing to each authorized user a single and small aggregate key.
Here we describe the main idea of data sharing in cloud storage using KAC, illustrated in Figure 2. Suppose Alice wants to share her data m_1, m_2, ..., m_ν on the server. She first performs Setup(1^λ, n) to get param and executes KeyGen to get the public/master-secret key pair (pk, msk). The system parameter param and public-key pk can be made public and master-secret key msk should be kept secret by Alice. Anyone (including Alice herself) can then encrypt each m_i by C_i = Encrypt(pk, i, m_i). The encrypted data are uploaded to the server.
With param and pk, people who cooperate with Alice can update Alice’s data on the server. Once Alice is willing to share a set S of her data with a friend Bob, she can compute the aggregate key K_S for Bob by performing Extract(msk, S). Since K_S is just a constant-size key, it can easily be sent to Bob via a secure e-mail.
After obtaining the aggregate key, Bob can download the data he is authorized to access. That is, for each i ∈ S, Bob downloads C_i (and some needed values in param) from the server. With the aggregate key K_S, Bob can decrypt each C_i by Decrypt(K_S, S, i, C_i) for each i ∈ S.
3 RELATED WORK
In this section, we compare our basic KAC scheme with other possible solutions on sharing in secure cloud storage. We summarize our comparisons in Table 1.
3.1 Cryptographic Keys for a Predefined Hierarchy
We start by discussing the most relevant study in the literature of cryptography/security. Cryptographic key assignment schemes (e.g., [11], [12], [13], [14]) aim to minimize the expense in storing and managing secret keys for general cryptographic use. Utilizing a tree structure, a key for a given branch can be used to derive the keys of its descendant nodes (but not the other way round). Just granting the parent key implicitly grants all the keys of its descendant nodes. Sandhu [15] proposed a method to generate a tree hierarchy of symmetric-keys by using repeated evaluations of pseudorandom function/block-cipher on a fixed secret. The concept can be generalized from a tree to a graph. More advanced cryptographic key assignment schemes support access policy that can be modeled by an acyclic graph or a cyclic graph [16], [17], [7]. Most of these schemes produce keys for symmetric-key cryptosystems, even though the key derivations may require modular arithmetic as used in public-key cryptosystems, which are generally more expensive than “symmetric-key operations” such as pseudorandom function.

| | Decryption key size | Ciphertext size | Encryption type |
|---|---|---|---|
| Key assignment schemes for a predefined hierarchy (e.g., [7]) | most likely non-constant (depends on the hierarchy) | constant | symmetric or public-key |
| Symmetric-key encryption with Compact Key (e.g., [8]) | constant | constant | symmetric-key |
| IBE with Compact Key (e.g., [9]) | constant | non-constant | public-key |
| Attribute-Based Encryption (e.g., [10]) | non-constant | constant | public-key |
| KAC | constant | constant | public-key |

TABLE 1. Comparisons between our basic KAC scheme and other related schemes
Fig. 2. Using KAC for data sharing in cloud storage
We take the tree structure as an example. Alice can first classify the ciphertext classes according to their subjects like Figure 3. Each node in the tree represents a secret key, while the leaf nodes represent the keys for individual ciphertext classes. Filled circles represent the keys for the classes to be delegated and circles circumscribed by dotted lines represent the keys to be granted. Note that every key of the non-leaf node can derive the keys of its descendant nodes.
Fig. 3. Compact key is not always possible for a fixed hierarchy (panels (a) and (b)).
In Figure 3(a), if Alice wants to share all the files in the “personal” category, she only needs to grant the key for the node “personal”, which automatically grants the delegatee the keys of all the descendant nodes (“photo”, “music”). This is the ideal case, where most classes to be shared belong to the same branch and thus a parent key of them is sufficient.
However, it is still difficult for general cases. As shown in Figure 3(b), if Alice shares her demo music at work (“work”→“casual”→“demo” and “work”→“confidential”→“demo”) with a colleague who also has the rights to see some of her personal data, what she can do is to give more keys, which leads to an increase in the total key size. One can see that this approach is not flexible when the classifications are more complex and she wants to share different sets of files to different people. For this delegatee in our example, the number of granted secret keys becomes the same as the number of classes.
In general, hierarchical approaches can solve the problem partially if one intends to share all files under a certain branch in the hierarchy. On average, the number of keys increases with the number of branches. It is unlikely to come up with a hierarchy that can save the number of total keys to be granted for all individuals (which can access a different set of leaf-nodes) simultaneously.
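The two cases of Figure 3 can be reproduced with a small key tree. The following is an added example, not code from the paper: it uses HMAC-SHA256 as a stand-in pseudorandom function for the tree derivation, and the tree shape, the sibling leaves "notes" and "plans", and the root key are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed hierarchy built from the category names the text gives for
# Figure 3. The leaves "notes" and "plans" are assumptions, added so that each
# "demo" class has a sibling that is NOT shared.
TREE = {
    "personal": {"photo": {}, "music": {}},
    "work": {
        "casual": {"demo": {}, "notes": {}},
        "confidential": {"demo": {}, "plans": {}},
    },
}

ROOT_KEY = bytes(range(32))  # constructed sample secret, held by the owner only


def child_key(parent_key, label):
    """One PRF step: anyone holding a node key can compute its children."""
    return hmac.new(parent_key, label.encode("utf-8"), hashlib.sha256).digest()


def key_for(root_key, path):
    """Owner side: walk from the root down to the node named by `path`."""
    key = root_key
    for label in path:
        key = child_key(key, label)
    return key


def leaves(subtree, prefix=()):
    """All leaf classes (as path tuples) below a node."""
    if not subtree:
        return {prefix}
    found = set()
    for label, sub in subtree.items():
        found |= leaves(sub, prefix + (label,))
    return found


def minimal_grant(wanted, subtree=None, prefix=()):
    """Fewest node paths whose keys open exactly the `wanted` leaf classes."""
    subtree = TREE if subtree is None else subtree
    if leaves(subtree, prefix) <= wanted:
        return [prefix]          # whole branch is shared: one key covers it
    grant = []
    for label, sub in subtree.items():
        grant += minimal_grant(wanted, sub, prefix + (label,))
    return grant


def grant_keys(root_key, wanted):
    """Keys the owner must hand over so the delegatee reads only `wanted`."""
    wanted = set(wanted)
    unknown = wanted - leaves(TREE)
    if unknown:
        raise ValueError(f"unknown classes: {sorted(unknown)}")
    return {path: key_for(root_key, path) for path in minimal_grant(wanted)}


if __name__ == "__main__":
    case_a = {("personal", "photo"), ("personal", "music")}
    case_b = {("work", "casual", "demo"), ("work", "confidential", "demo"),
              ("personal", "photo")}
    for name, wanted in (("3(a)", case_a), ("3(b)", case_b)):
        keys = grant_keys(ROOT_KEY, wanted)
        print(name, "classes:", len(wanted), "keys granted:", len(keys))
```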
3.2 Compact Key in Symmetric-Key Encryption
Motivated by the same problem of supporting flexi-
ble hierarchy in decryption power delegation (but in
symmetric-key setting), Benaloh et al. [8] presented an
encryption scheme which is originally proposed for con-
cisely transmitting large number of keys in broadcast
scenario [18]. The construction is simple and we briefly
5. 5
review its key derivation process here for a concrete
description of what are the desirable properties we want
to achieve. The derivation of the key for a set of classes
(which is a subset of all possible ciphertext classes) is
as follows. A composite modulus $N = p \cdot q$ is chosen, where $p$ and $q$ are two large random primes. A master-secret key $Y$ is chosen at random from $\mathbb{Z}_N^*$. Each class is associated with a distinct prime $e_i$. All these prime numbers can be put in the public system parameter.⁵ A constant-size key for set $S$ can be generated (with the knowledge of $\phi(N)$) as
$$k_S = Y^{1/\prod_{j \in S} e_j} \bmod N.$$
For those who have been delegated the access rights for $S'$ where $S' \subset S$, $k_{S'}$ can be computed by
$$k_{S'} = k_S^{\prod_{j \in S \setminus S'} e_j}.$$
As a concrete example, a key for classes represented by $e_1, e_2, e_3$ can be generated as $Y^{1/(e_1 \cdot e_2 \cdot e_3)}$, from which each of $Y^{1/e_1}$, $Y^{1/e_2}$, $Y^{1/e_3}$ can easily be derived (while providing no information about keys for any other class, say, $e_4$). This approach achieves similar properties and
for the symmetric-key setting instead. The encryptor needs
to get the corresponding secret keys to encrypt data,
which is not suitable for many applications. Since their
method is used to generate a secret value rather than a
pair of public/secret keys, it is unclear how to apply this
idea for public-key encryption scheme.
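The key derivation reviewed in this subsection can be run end to end at toy size. The following is an added example, not code from the paper or from Benaloh et al.; the primes, the master secret, the class-to-prime table and the function names are all constructed for illustration and are far too small for real use.

```python
"""Toy-sized run of the compact symmetric key derivation (constructed parameters)."""
from math import gcd, prod

P_PRIME, Q_PRIME = 1019, 1187             # secret primes p and q (toy size)
N = P_PRIME * Q_PRIME                     # public composite modulus
PHI = (P_PRIME - 1) * (Q_PRIME - 1)       # phi(N), known to the key issuer only
Y = 424242                                # master-secret key, an element of Z_N^*
CLASS_PRIME = {1: 5, 2: 7, 3: 11, 4: 13}  # public table: distinct prime e_i per class


def issue_key(classes):
    """Issuer side: k_S = Y^(1 / prod_{j in S} e_j) mod N, which needs phi(N)."""
    e = prod(CLASS_PRIME[j] for j in classes)
    if gcd(e, PHI) != 1:
        raise ValueError("class primes must be coprime to phi(N)")
    d = pow(e, -1, PHI)                   # the exponent 1/e, computed modulo phi(N)
    return pow(Y, d, N)


def derive_key(k_s, granted, wanted):
    """Delegatee side: k_S' = k_S^(prod of e_j over S minus S') mod N.

    Uses only public values: the granted key, N and the class primes.
    """
    granted, wanted = set(granted), set(wanted)
    if not wanted <= granted:
        # Going outside S would require an e_j-th root modulo N, which
        # cannot be computed without phi(N).
        raise PermissionError("requested classes are not covered by the granted key")
    e = prod(CLASS_PRIME[j] for j in granted - wanted)
    return pow(k_s, e, N)


if __name__ == "__main__":
    k123 = issue_key({1, 2, 3})
    for j in (1, 2, 3):
        k_j = derive_key(k123, {1, 2, 3}, {j})
        print(f"class {j}: derived key {k_j}, matches issuer: {k_j == issue_key({j})}")
```

The single value `k123` replaces three per-class keys, and the same call with `wanted={1, 3}` yields the key for that sub-set directly.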
Finally, we note that there are schemes which try
to reduce the key size for achieving authentication in
symmetric-key encryption, e.g., [19]. However, sharing
of decryption power is not a concern in these schemes.
3.3 Compact Key in Identity-Based Encryption
Identity-based encryption (IBE) (e.g., [20], [21], [22]) is a
type of public-key encryption in which the public-key of
a user can be set as an identity-string of the user (e.g.,
an email address). There is a trusted party called private
key generator (PKG) in IBE which holds a master-secret
key and issues a secret key to each user with respect
to the user identity. The encryptor can take the public
parameter and a user identity to encrypt a message. The
recipient can decrypt this ciphertext by his secret key.
Guo et al. [23], [9] tried to build IBE with key ag-
gregation. One of their schemes [23] assumes random
oracles but another [9] does not. In their schemes, key
aggregation is constrained in the sense that all keys
to be aggregated must come from different “identity
divisions”. While there are an exponential number of
identities and thus secret keys, only a polynomial num-
ber of them can be aggregated. Most importantly, their
key-aggregation [23], [9] comes at the expense of O(n)
sizes for both ciphertexts and the public parameter, where
n is the number of secret keys which can be aggregated
into a constant size one. This greatly increases the costs
of storing and transmitting ciphertexts, which is impractical in many situations such as shared cloud storage. As we mentioned, our schemes feature constant ciphertext size, and their security holds in the standard model.
Footnote 5. Another way to do this is to apply hash function to the string denoting the class, and keep hashing repeatedly until a prime is obtained as the output of the hash function.
In fuzzy IBE [21], one single compact secret key can
decrypt ciphertexts encrypted under many identities
which are close in a certain metric space, but not for
an arbitrary set of identities and therefore it does not
match with our idea of key aggregation.
3.4 Other Encryption Schemes
Attribute-based encryption (ABE) [10], [24] allows each
ciphertext to be associated with an attribute, and the
master-secret key holder can extract a secret key for a
policy of these attributes so that a ciphertext can be
decrypted by this key if its associated attribute conforms
to the policy. For example, with the secret key for the
policy (2 ∨ 3 ∨ 6 ∨ 8), one can decrypt ciphertext tagged
with class 2, 3, 6 or 8. However, the major concern in
ABE is collusion-resistance but not the compactness of
secret keys. Indeed, the size of the key often increases
linearly with the number of attributes it encompasses,
or the ciphertext-size is not constant (e.g., [25]).
To delegate the decryption power of some ciphertexts
without sending the secret key to the delegatee, a useful
primitive is proxy re-encryption (PRE) (e.g., [26], [27],
[28], [29]). A PRE scheme allows Alice to delegate to
the server (proxy) the ability to convert the ciphertexts
encrypted under her public-key into ones for Bob. PRE
is well known to have numerous applications includ-
ing cryptographic file system [30]. Nevertheless, Alice
has to trust the proxy that it only converts ciphertexts
according to her instruction, which is what we want
to avoid at the first place. Even worse, if the proxy
colludes with Bob, some form of Alice’s secret key can
be recovered which can decrypt Alice’s (convertible)
ciphertexts without Bob’s further help. That also means
that the transformation key of proxy should be well-
protected. Using PRE just moves the secure key storage
requirement from the delegatee to the proxy. It is thus
undesirable to let the proxy reside in the storage server.
That will also be inconvenient since every decryption
requires separate interaction with the proxy.
4 CONCRETE CONSTRUCTIONS OF KAC
Let $G$ and $G_T$ be two cyclic groups of prime order $p$ and $\hat{e} : G \times G \to G_T$ be a map with the following properties:
• Bilinear: $\forall g_1, g_2 \in G$, $a, b \in \mathbb{Z}$, $\hat{e}(g_1^a, g_2^b) = \hat{e}(g_1, g_2)^{ab}$.
• Non-degenerate: for some $g \in G$, $\hat{e}(g, g) \neq 1$.
G is a bilinear group if all the operations involved above
are efficiently computable. Many classes of elliptic curves
feature bilinear groups.
4.1 A Basic Construction
The design of our basic scheme is inspired from the
collusion-resistant broadcast encryption scheme pro-
posed by Boneh et al. [31]. Although their scheme
supports constant-size secret keys, every key only has
the power for decrypting ciphertexts associated to a
particular index. We thus need to devise a new Extract
algorithm and the corresponding Decrypt algorithm.
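• Setup($1^\lambda$, $n$): Randomly pick a bilinear group $G$ of prime order $p$ where $2^\lambda \le p \le 2^{\lambda+1}$, a generator $g \in G$ and $\alpha \in_R \mathbb{Z}_p$. Compute $g_i = g^{\alpha^i} \in G$ for $i = 1, \cdots, n, n+2, \cdots, 2n$. Output the system parameter as $param = \langle g, g_1, \cdots, g_n, g_{n+2}, \cdots, g_{2n} \rangle$ ($\alpha$ can be safely deleted after Setup).
Note that each ciphertext class is represented by an index in the integer set $\{1, 2, \cdots, n\}$, where $n$ is the maximum number of ciphertext classes.
• KeyGen(): Pick $\gamma \in_R \mathbb{Z}_p$, output the public and master-secret key pair: $(pk = v = g^\gamma, msk = \gamma)$.
• Encrypt($pk$, $i$, $m$): For a message $m \in G_T$ and an index $i \in \{1, 2, \cdots, n\}$, randomly pick $t \in_R \mathbb{Z}_p$ and compute the ciphertext as $C = \langle g^t, (v g_i)^t, m \cdot \hat{e}(g_1, g_n)^t \rangle$.
• Extract($msk = \gamma$, $S$): For the set $S$ of indices $j$'s, the aggregate key is computed as
$$K_S = \prod_{j \in S} g_{n+1-j}^{\gamma}.$$
Since $S$ does not include 0, $g_{n+1-j} = g^{\alpha^{n+1-j}}$ can always be retrieved from $param$.
• Decrypt($K_S$, $S$, $i$, $C = \langle c_1, c_2, c_3 \rangle$): If $i \notin S$, output $\bot$. Otherwise, return the message:
$$m = c_3 \cdot \hat{e}\Big(K_S \cdot \prod_{j \in S, j \neq i} g_{n+1-j+i},\; c_1\Big) \Big/ \hat{e}\Big(\prod_{j \in S} g_{n+1-j},\; c_2\Big).$$
For the data owner, with the knowledge of $\gamma$, the term $\hat{e}(g_1, g_n)^t$ can be easily recovered by $\hat{e}(c_1, g_n)^\gamma = \hat{e}(g^t, g_n)^\gamma = \hat{e}(g_1, g_n)^t$.
For correctness, we can see that
$$\begin{aligned}
& c_3 \cdot \hat{e}\Big(K_S \cdot \prod_{j \in S, j \neq i} g_{n+1-j+i},\; c_1\Big) \Big/ \hat{e}\Big(\prod_{j \in S} g_{n+1-j},\; c_2\Big) \\
&= c_3 \cdot \frac{\hat{e}\big(\prod_{j \in S} g_{n+1-j}^{\gamma} \cdot \prod_{j \in S, j \neq i} g_{n+1-j+i},\; g^t\big)}{\hat{e}\big(\prod_{j \in S} g_{n+1-j},\; (v g_i)^t\big)} \\
&= c_3 \cdot \hat{e}\Big(\prod_{j \in S, j \neq i} g_{n+1-j+i},\; g^t\Big) \Big/ \hat{e}\Big(\prod_{j \in S} g_{n+1-j},\; g_i^t\Big) \\
&= c_3 \cdot \frac{\hat{e}\big(\prod_{j \in S} g_{n+1-j+i},\; g^t\big) \big/ \hat{e}(g_{n+1}, g^t)}{\hat{e}\big(\prod_{j \in S} g_{n+1-j+i},\; g^t\big)} \\
&= m \cdot \hat{e}(g_1, g_n)^t \big/ \hat{e}(g_{n+1}, g^t) = m.
\end{aligned}$$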
4.1.1 Performance
For encryption, the value ˆe(g1, gn) can be pre-computed
and put in the system parameter. On the other hand,
we can see that decryption only takes two pairings
while only one of them involves the aggregate key. That
means we only need one pairing computation within
the security chip storing the (secret) aggregate key. It is
fast to compute a pairing nowadays, even in resource-
constrained devices. Efficient software implementations
exist even for sensor nodes [32].
4.1.2 Discussions
The “magic” of getting constant-size aggregate key and constant-size ciphertext simultaneously comes from the linear-size system parameter. Our motivation is to reduce the secure storage and this is a trade-off between two kinds of storage. The parameter can be placed in non-confidential local storage or in a cache provided by the service company. They can also be fetched on demand, as not all of them are required in all occasions.
Fig. 4. Key assignment in our approach
The system parameter can also be generated by a
trusted party, shared between all users and even hard-
coded to the user program (and can be updated via
“patches”). In this case, while the users need to trust the
parameter-generator for securely erasing any ephemeral
values used, the access control is still ensured by a
cryptographic mean instead of relying on some server
to restrict the accesses honestly.
4.2 Public-Key Extension
If a user needs to classify his ciphertexts into more than $n$ classes, he can register for additional key pairs $(pk_2, msk_2), \cdots, (pk_l, msk_l)$. Each class now is indexed by a 2-level index in $\{(i, j) \mid 1 \le i \le l, 1 \le j \le n\}$ and the number of classes is increased by $n$ for each added key.
Since the new public-key can be essentially treated as
a new user, one may have the concern that key aggre-
gation across two independent users is not possible. It
seems that we face the problem of hierarchical solution
as reviewed in Section 1, but indeed, we still achieve
shorter key size and gain flexibility as illustrated in
Figure 4. Figure 4 shows the flexibility of our approach.
We achieve “local aggregation”, which means the secret
keys under the same branch can always be aggregated.
We use a quaternary tree for the last level just for better
illustration of our distinctive feature. Our advantage is
still preserved when compared with quaternary trees in
hierarchical approach, in which the latter either delegates
the decryption power for all 4 classes (if the key for their
parent class is delegated) or the number of keys will be
the same as the number of classes. For our approach, at
most 2 aggregate keys are needed in our example.
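Below we give the details on how encryption and decryption work when the public-key is extended, which is similar to the “$\sqrt{n}$-approach” [31].
• Setup and KeyGen: Same as the basic construction.
• Extend($pk_l$, $msk_l$): Execute KeyGen() to get $(v_{l+1}, \gamma_{l+1}) \in G \times \mathbb{Z}_p$, output the extended public and master-secret keys as $pk_{l+1} = (pk_l, v_{l+1})$, $msk_{l+1} = (msk_l, \gamma_{l+1})$.
• Encrypt($pk_l$, $(a, b)$, $m$): Let $pk_l = \{v_1, \cdots, v_l\}$. For an index $(a, b)$, $1 \le a \le l$, $1 \le b \le n$, pick $t \in_R \mathbb{Z}_p$, output the ciphertext as $C = \langle g^t, (v_a g_b)^t, m \cdot \hat{e}(g_1, g_n)^t \rangle$.
• Extract($msk_l$, $S_l$): Let $msk_l = \{\gamma_1, \gamma_2, \cdots, \gamma_l\}$. For a set $S_l$ of indices $(i, j)$, $1 \le i \le l$, $1 \le j \le n$, get $g_{n+1-j} = g^{\alpha^{n+1-j}}$ from $param$, output:
$$K_{S_l} = \Big(\prod_{(1,j) \in S_l} g_{n+1-j}^{\gamma_1},\; \prod_{(2,j) \in S_l} g_{n+1-j}^{\gamma_2},\; \cdots,\; \prod_{(l,j) \in S_l} g_{n+1-j}^{\gamma_l}\Big).$$
• Decrypt($K_{S_l}$, $S_l$, $(a, b)$, $C$): If $(a, b) \notin S_l$, output $\bot$. Otherwise, let $K_{S_l} = (d_1, \cdots, d_l)$ and $C = \langle c_1, c_2, c_3 \rangle$. Output the message:
$$m = \frac{c_3 \cdot \hat{e}\big(d_a \cdot \prod_{(a,j) \in S_l, j \neq b} g_{n+1-j+b},\; c_1\big)}{\hat{e}\big(\prod_{(a,j) \in S_l} g_{n+1-j},\; c_2\big)}.$$
Just like the basic construction, the decryption can be done more efficiently with the knowledge of $\gamma_i$'s.
Correctness is not much more difficult to see:
$$\begin{aligned}
& c_3 \cdot \hat{e}\Big(d_a \cdot \prod_{(a,j) \in S_l, j \neq b} g_{n+1-j+b},\; c_1\Big) \Big/ \hat{e}\Big(\prod_{(a,j) \in S_l} g_{n+1-j},\; c_2\Big) \\
&= c_3 \cdot \hat{e}\Big(\prod_{(a,j) \in S_l} g_{n+1-j}^{\gamma_a} \cdot \prod_{(a,j) \in S_l, j \neq b} g_{n+1-j+b},\; g^t\Big) \Big/ \hat{e}\Big(\prod_{(a,j) \in S_l} g_{n+1-j},\; (v_a g_b)^t\Big) \\
&= c_3 \cdot \hat{e}\Big(\prod_{(a,j) \in S_l, j \neq b} g_{n+1-j+b},\; g^t\Big) \Big/ \hat{e}\Big(\prod_{(a,j) \in S_l} g_{n+1-j},\; g_b^t\Big) \\
&= m \cdot \hat{e}(g_1, g_n)^t \big/ \hat{e}(g_{n+1}, g^t) = m.
\end{aligned}$$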
We can also prove the semantic security of this ex-
tended scheme. The proof is very similar to that for the
basic scheme and therefore is omitted. The public-key of
our CCA construction to be presented below can also be
extended using the same Extend algorithm.
4.2.1 Discussions
To make the best out of our extended scheme (i.e., to make the key size as small as possible), we suggest that the ciphertext classes for different purposes should correspond to different public-keys. This is reasonable in practice and does not contradict our criticism on hierarchical methods that an efficient assignment of hierarchy requires a priori knowledge on what to be shared. Using our example, $pk_1$ and $pk_2$ correspond to “personal” and “work”. It is likely to have many subcategories under either of them but it may not be equally likely to share both of them (if the user does not gossip about office drama with friends and does not expose party photos to colleagues). As another example, say a user’s categorization includes “music” and “game”. One day she becomes a graduate student and needs to publish, and therefore finds a new need to add a category “paper”, which is probably independent of “music” and “game”.
4.2.2 Other Implication
This key extension approach can also be seen as a key
update process. In case a secret value is compromised,
we can replace the compromised pk1 with a new key
pk2. The small aggregate key size minimizes the com-
munication overhead for transferring the new key.
5 PERFORMANCE ANALYSIS
5.1 Compression Factors
For a concrete comparison, we investigate the space
requirements of the tree-based key assignment approach
we described in Section 3.1. This is used in the Complete
Subtree scheme, which is a representative solution to the
broadcast encryption problem following the well-known
Subset-Cover framework [33]. It employs a static logical
key hierarchy, which is materialized with a full binary
key tree of height $h$ (equal to 3 in Figure 3), and thus can support up to $2^h$ ciphertext classes, a selected part
of which is intended for an authorized delegatee.
In an ideal case as depicted in Figure 3(a), the delegatee can be granted the access to $2^{h_s}$ classes with the possession of only one key, where $h_s$ is the height of a certain subtree (e.g., $h_s = 2$ in Figure 3(a)). On the other hand, to decrypt ciphertexts of a set of classes, sometimes the delegatee may have to hold a large number of keys, as depicted in Figure 3(b). Therefore, we are interested in $n_a$, the number of symmetric-keys to be assigned in this hierarchical key approach, in an average sense.
We assume that there are exactly $2^h$ ciphertext classes, and the delegatee of concern is entitled to a portion $r$ of them. That is, $r$ is the delegation ratio, the ratio of the delegated ciphertext classes to the total classes. Obviously, if $r = 0$, $n_a$ should also be 0, which means no access to any of the classes; if $r = 100\%$, $n_a$ should be as low as 1, which means that the possession of only the root key in the hierarchy can grant the access to all the $2^h$ classes. Consequently, one may expect that $n_a$ may first increase with $r$, and may decrease later. We set $r = 10\%, 20\%, \cdots, 90\%$, and choose the portion in a random manner to model an arbitrary “delegation pattern” for different delegatees. For each combination of $r$ and $h$, we randomly generate $10^4$ different combinations of classes to be delegated, and the output key set size $n_a$ is the average over random delegations.
We tabulate the results in Table 2, where $h = 16, 18, 20$ respectively.⁶ For a given $h$, $n_a$ increases with the delegation ratio $r$ until $r$ reaches $\sim 70\%$. An amazing fact is that the ratio of $n_a$ to $N (= 2^{h+1} - 1)$, the total number of keys in the hierarchy (e.g., $N = 15$ in Figure 3), appears to be only determined by $r$ but irrelevant of $h$. This is because when the number of ciphertext classes ($2^h$) is large and the delegation ratio ($r$) is fixed, this kind of random delegation achieves roughly the same key assignment ratios ($n_a/N$). Thus, for the same $r$, $n_a$ grows exponentially with $h$. We can easily estimate how many keys we need to assign when we are given $r$ and $h$.

h    r        0.1        0.2        0.3        0.4        0.5        0.6        0.7        0.8        0.9        0.95
16   n_a      6224.8     11772.5    16579.3    20545.8    23520.7    25263.8    25400.1    23252.6    17334.6    11670.2
16   n_a/N    4.75%      8.98%      12.65%     15.68%     17.94%     19.27%     19.38%     17.74%     13.23%     8.90%
18   n_a      24895.8    47076.1    66312.4    82187.1    94078.8    101052.4   101594.8   93025.4    69337.4    46678.8
18   n_a/N    4.75%      8.98%      12.65%     15.68%     17.94%     19.27%     19.38%     17.74%     13.23%     8.90%
20   n_a      99590.5    188322.0   265254.1   328749.5   376317.4   404205.0   406385.1   372085.2   277343.1   186725.4
20   n_a/N    4.75%      8.98%      12.65%     15.68%     17.94%     19.27%     19.38%     17.74%     13.22%     8.90%
TABLE 2
Compression ratios for different delegation ratios and tree heights

Footnote 6. Legend: $h$: The height of the binary tree: there are total $2^h$ ciphertext classes, $n_a$: The number of keys to be assigned, $N$: The total number of keys in the hierarchy, $r$: The delegation ratio: the ratio of the delegated ciphertext classes to the total classes.
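The averages in Table 2 can be reproduced with a short simulation. The following is an added example, not the authors' experiment code: it counts the minimal set of subtree keys covering a delegated set of leaf classes and compares a sampled average with a closed-form estimate. The estimate treats each class as delegated independently with probability r, an approximation introduced here, and all function names are hypothetical.

```python
"""Key count n_a of the tree-based (Complete Subtree style) assignment."""
import random


def cover_size(h, delegated):
    """Number of node keys needed to cover exactly the delegated leaves.

    Leaves are numbered 0 .. 2^h - 1. A node's key is granted when its whole
    subtree is delegated and its sibling's subtree is not.
    """
    level = set(delegated)          # fully delegated nodes at the current height
    keys = 0
    for _ in range(h):
        parents = set()
        for node in level:
            if node ^ 1 in level:   # sibling also fully delegated: merge upwards
                parents.add(node >> 1)
            else:
                keys += 1           # this node needs its own key
        level = parents
    return keys + len(level)        # plus the root key if everything is delegated


def expected_cover_size(h, r):
    """Estimate of E[n_a] when each leaf is delegated independently with prob. r."""
    total, q = 0.0, r               # q = r^(2^k): a height-k subtree is fully delegated
    for k in range(h):
        total += 2 ** (h - k) * q * (1 - q)   # node covered, sibling subtree not
        q *= q
    return total + q                # root key, used only when all classes are delegated


def simulate(h, r, trials, seed=1):
    """Average n_a over random delegations of exactly round(r * 2^h) classes."""
    rng = random.Random(seed)
    count = round(r * 2 ** h)
    leaves = range(2 ** h)
    return sum(cover_size(h, rng.sample(leaves, count)) for _ in range(trials)) / trials


if __name__ == "__main__":
    h = 16
    n_total = 2 ** (h + 1) - 1      # N, the number of keys in the hierarchy
    for r in (0.1, 0.5, 0.9, 0.95):
        est = expected_cover_size(h, r)
        print(f"r={r}: estimated n_a={est:.1f}, n_a/N={est / n_total:.2%}")
```

The estimated ratio n_a/N depends on h only through terms that vanish quickly, which is why the percentage rows of Table 2 are the same for every tree height.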
We then turn our focus to the compression factor⁷ $F$ for a certain $h$, i.e., the average number of delegated classes that each granted key can decrypt. Specifically, it is the ratio of the total number of delegated classes ($r 2^h$) to the number of granted keys required ($n_a$). Certainly,
higher compression factor is preferable because it means
each granted key can decrypt more ciphertexts. Figure
5(a) illustrates the relationship between the compression
factor and the delegation ratio. Somewhat surprisingly,
we found that F = 3.2 even for delegation ratio of r =
0.9, and F < 6 for r = 0.95, which deviates from the
intuition that only a small number of “powerful” keys
are needed for delegating most of the classes. We can
only get a high (but still small) compression factor when
the delegation ratio is close to 1.
A comparison of the number of granted keys between
three methods is depicted in Figure 5(b). We can see that
if we grant the key one by one, the number of granted
keys would be equal to the number of the delegated
ciphertext classes. With the tree-based structure, we can
save a number of granted keys according to the delega-
tion ratio. On the contrary, in our proposed approach, the
delegation of decryption can be efficiently implemented
with the aggregate key, which is only of fixed size.
In our experiment, the delegation is randomly chosen.
It models the situation that the needs for delegating to
different users may not be predictable as time goes by,
even after a careful initial planning. This gives empirical
evidences to support our thesis that hierarchical key
assignment does not save much in all cases.
5.2 Performance of Our Proposed Schemes
Our approaches allow the compression factor $F$ ($F = n$ in our schemes) to be a tunable parameter, at the cost of $O(n)$-sized system parameter. Encryption can be done in constant time, while decryption can be done in $O(|S|)$ group multiplications (or point addition on elliptic curves) with 2 pairing operations, where $S$ is the set of ciphertext classes decryptable by the granted aggregate key and $|S| \le n$. As expected, key extraction requires $O(|S|)$ group multiplications as well, which seems unavoidable. However, as demonstrated by the experiment results, we do not need to set a very high $n$ to have better compression than the tree-based approach. Note that group multiplication is a very fast operation.
Footnote 7. As discussed, we are not proposing a compression mechanism, yet we effectively save the costly secure storage requirement.
Fig. 5. (a) Compression achieved by the tree-based approach for delegating different ratio of the classes (b) Number of granted keys ($n_a$) required for different approaches in the case of 65536 classes of data
Again, we confirm empirically that our analysis is true. We implemented the basic KAC system in C with the Pairing-Based Cryptography (PBC) Library⁸ version 0.4.18 for the underlying elliptic-curve group and pairing operations. Since the granted key can be as small as one $G$ element, and the ciphertext only contains two $G$ and one $G_T$ elements, we used (symmetric) pairings over Type-A (supersingular) curves as defined in the PBC library which offers the highest efficiency among all types of curves, even though Type-A curves do not provide the shortest representation for group elements. In our implementation, $p$ is a 160-bit Solinas prime, which offers 1024-bit of discrete-logarithm security. With this Type-A curves setting in PBC, elements of groups $G$ and $G_T$ take 512 and 1024 bits to represent, respectively.
Footnote 8. http://crypto.stanford.edu/pbc

r         0.1    0.2    0.3    0.4    0.5    0.6    0.7    0.8    0.9    0.95
Setup     8.4
Extract   2      4      5      7      8      9      10     10     11     11
Decrypt   4      6      9      12     14     15     16     18     20     20
TABLE 3
Performance of our basic construction for h = 16 with respect to different delegation ratio r (in milliseconds)
The test machine is a Sun UltraSparc IIIi system
with dual CPU (1002 MHz) running Solaris, each with
2GB RAM. The timings reported below are averaged
over 100 randomized runs. In our experiment, we take
the number of ciphertext classes $n = 2^{16} = 65536$. The
Setup algorithm, while outputting (2n + 1) elements by
doing (2n − 2) exponentiations, can be made efficient
by preprocessing function offered by PBC, which saves
time for exponentiating the same element (g) in the long
run. This is the only “low-level” optimization trick we
have used. All other operations are implemented in a
straightforward manner. In particular, we did not exploit
the fact that ˆe(g1, gn) will be exponentiated many times
across different encryptions. However, we pre-computed
its value in the setup stage, such that the encryption can
be done without computing any pairing.
Our experiment results are shown in Table 3. The ex-
ecution times of Setup, KeyGen, Encrypt are independent
of the delegation ratio r. In our experiments, KeyGen
takes 3.3 milliseconds and Encrypt takes 6.8 milliseconds.
As expected, the running time complexities of Extract and Decrypt increase linearly with the delegation ratio $r$ (which determines the size of the delegated set $S$). Our timing results also conform to what can be seen from the equation in Extract and Decrypt: two pairing operations take negligible time, and the running time of Decrypt is roughly double that of Extract. Note that our experiments dealt with up to 65536 classes (which is also the compression factor), and should be large enough for fine-grained data sharing in most situations.
Finally, we remark that for applications where the
number of ciphertext classes is large but the non-
confidential storage is limited, one should deploy our
schemes using the Type-D pairing bundled with the
PBC, which only requires 170-bit to represent an element
in $G$. For $n = 2^{16}$, the system parameter requires approximately 2.6 megabytes, which is as large as a lower-quality MP3 file or a higher-resolution JPEG file that a typical cellphone can store more than a dozen of them.
But we saved expensive secure storage without the hassle
of managing a hierarchy of delegation classes.
6 NEW PATIENT-CONTROLLED ENCRYPTION
Motivated by the nationwide effort to computerize
America’s medical records, the concept of patient-
controlled encryption (PCE) has been studied [8]. In
PCE, the health record is decomposed into a hierarchical
representation based on the use of different ontologies,
and patients are the parties who generate and store secret
keys. When there is a need for a healthcare personnel to
access part of the record, a patient will release the secret
key for the concerned part of the record. In the work
of Benaloh et al. [8], three solutions have been provided,
which are symmetric-key PCE for fixed hierarchy (the
“folklore” tree-based method in Section 3.1), public-key
PCE for fixed hierarchy (the IBE analog of the folklore
method, as mentioned in Section 3.1), and RSA-based
symmetric-key PCE for “flexible hierarchy” (which is the
“set membership” access policy as we explained).
Our work provides a candidate solution for the missing piece, public-key PCE for flexible hierarchy, for which the existence of an efficient construction was an open question. Any patient can either define her own hierarchy according to her need, or follow the set of categories
suggested by the electronic medical record system she
is using, such as “clinic visits”, “x-rays”, “allergies”,
“medications” and so on. When the patient wishes to
give access rights to her doctor, she can choose any
subset of these categories and issue a single key, from
which keys for all these categories can be computed.
Thus, we can essentially use any hierarchy we choose,
which is especially useful when the hierarchy can be
complex. Finally, since one healthcare personnel deals with many patients and the patient record is possibly stored in cloud storage due to its huge size (e.g., high resolution medical imaging employing x-ray), compact key size and easy key management are of paramount importance.
7 CONCLUSION AND FUTURE WORK
How to protect users’ data privacy is a central ques-
tion of cloud storage. With more mathematical tools,
cryptographic schemes are getting more versatile and
often involve multiple keys for a single application. In
this article, we consider how to “compress” secret keys
in public-key cryptosystems which support delegation
of secret keys for different ciphertext classes in cloud
storage. No matter which one among the power set of
classes, the delegatee can always get an aggregate key
of constant size. Our approach is more flexible than
hierarchical key assignment which can only save spaces
if all key-holders share a similar set of privileges.
A limitation in our work is the predefined bound of
the number of maximum ciphertext classes. In cloud
storage, the number of ciphertexts usually grows rapidly.
So we have to reserve enough ciphertext classes for
the future extension. Otherwise, we need to expand the
public-key as we described in Section 4.2.
Although the parameter can be downloaded with
ciphertexts, it would be better if its size is independent of
the maximum number of ciphertext classes. On the other hand, when one carries the delegated keys around in a mobile device without using special trusted hardware, the key is prone to leakage. Designing a leakage-resilient cryptosystem [22], [34] that still allows efficient and flexible key delegation is also an interesting direction.
REFERENCES
[1] S. S. M. Chow, Y. J. He, L. C. K. Hui, and S.-M. Yiu, “SPICE -
Simple Privacy-Preserving Identity-Management for Cloud Envi-
ronment,” in Applied Cryptography and Network Security - ACNS
2012, ser. LNCS, vol. 7341. Springer, 2012, pp. 526–543.
[2] L. Hardesty, “Secure computers aren’t so secure,” MIT press, 2009,
http://www.physorg.com/news176107396.html.
[3] C. Wang, S. S. M. Chow, Q. Wang, K. Ren, and W. Lou, “Privacy-
Preserving Public Auditing for Secure Cloud Storage,” IEEE Trans.
Computers, vol. 62, no. 2, pp. 362–375, 2013.
[4] B. Wang, S. S. M. Chow, M. Li, and H. Li, “Storing Shared Data
on the Cloud via Security-Mediator,” in International Conference
on Distributed Computing Systems - ICDCS 2013. IEEE, 2013.
[5] S. S. M. Chow, C.-K. Chu, X. Huang, J. Zhou, and R. H. Deng,
“Dynamic Secure Cloud Storage with Provenance,” in Cryptog-
raphy and Security: From Theory to Applications - Essays Dedicated
to Jean-Jacques Quisquater on the Occasion of His 65th Birthday, ser.
LNCS, vol. 6805. Springer, 2012, pp. 442–464.
[6] D. Boneh, C. Gentry, B. Lynn, and H. Shacham, “Aggregate
and Verifiably Encrypted Signatures from Bilinear Maps,” in
Proceedings of Advances in Cryptology - EUROCRYPT ’03, ser. LNCS,
vol. 2656. Springer, 2003, pp. 416–432.
[7] M. J. Atallah, M. Blanton, N. Fazio, and K. B. Frikken, “Dynamic
and Efficient Key Management for Access Hierarchies,” ACM
Transactions on Information and System Security (TISSEC), vol. 12,
no. 3, 2009.
[8] J. Benaloh, M. Chase, E. Horvitz, and K. Lauter, “Patient
Controlled Encryption: Ensuring Privacy of Electronic Medical
Records,” in Proceedings of ACM Workshop on Cloud Computing
Security (CCSW ’09). ACM, 2009, pp. 103–114.
[9] F. Guo, Y. Mu, Z. Chen, and L. Xu, “Multi-Identity Single-Key
Decryption without Random Oracles,” in Proceedings of Informa-
tion Security and Cryptology (Inscrypt ’07), ser. LNCS, vol. 4990.
Springer, 2007, pp. 384–398.
[10] V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-Based
Encryption for Fine-Grained Access Control of Encrypted data,”
in Proceedings of the 13th ACM Conference on Computer and Com-
munications Security (CCS ’06). ACM, 2006, pp. 89–98.
[11] S. G. Akl and P. D. Taylor, “Cryptographic Solution to a Problem
of Access Control in a Hierarchy,” ACM Transactions on Computer
Systems (TOCS), vol. 1, no. 3, pp. 239–248, 1983.
[12] G. C. Chick and S. E. Tavares, “Flexible Access Control with
Master Keys,” in Proceedings of Advances in Cryptology - CRYPTO
’89, ser. LNCS, vol. 435. Springer, 1989, pp. 316–322.
[13] W.-G. Tzeng, “A Time-Bound Cryptographic Key Assignment
Scheme for Access Control in a Hierarchy,” IEEE Transactions on
Knowledge and Data Engineering (TKDE), vol. 14, no. 1, pp. 182–188,
2002.
[14] G. Ateniese, A. D. Santis, A. L. Ferrara, and B. Masucci,
“Provably-Secure Time-Bound Hierarchical Key Assignment
Schemes,” J. Cryptology, vol. 25, no. 2, pp. 243–270, 2012.
[15] R. S. Sandhu, “Cryptographic Implementation of a Tree Hierarchy
for Access Control,” Information Processing Letters, vol. 27, no. 2,
pp. 95–98, 1988.
[16] Y. Sun and K. J. R. Liu, “Scalable Hierarchical Access Control in
Secure Group Communications,” in Proceedings of the 23th IEEE
International Conference on Computer Communications (INFOCOM
’04). IEEE, 2004.
[17] Q. Zhang and Y. Wang, “A Centralized Key Management Scheme
for Hierarchical Access Control,” in Proceedings of IEEE Global
Telecommunications Conference (GLOBECOM ’04). IEEE, 2004, pp.
2067–2071.
[18] J. Benaloh, “Key Compression and Its Application to Digital
Fingerprinting,” Microsoft Research, Tech. Rep., 2009.
[19] B. Alomair and R. Poovendran, “Information Theoretically Secure
Encryption with Almost Free Authentication,” J. UCS, vol. 15,
no. 15, pp. 2937–2956, 2009.
[20] D. Boneh and M. K. Franklin, “Identity-Based Encryption from the
Weil Pairing,” in Proceedings of Advances in Cryptology - CRYPTO
’01, ser. LNCS, vol. 2139. Springer, 2001, pp. 213–229.
[21] A. Sahai and B. Waters, “Fuzzy Identity-Based Encryption,” in
Proceedings of Advances in Cryptology - EUROCRYPT ’05, ser. LNCS,
vol. 3494. Springer, 2005, pp. 457–473.
[22] S. S. M. Chow, Y. Dodis, Y. Rouselakis, and B. Waters, “Practi-
cal Leakage-Resilient Identity-Based Encryption from Simple As-
sumptions,” in ACM Conference on Computer and Communications
Security, 2010, pp. 152–161.
[23] F. Guo, Y. Mu, and Z. Chen, “Identity-Based Encryption: How to
Decrypt Multiple Ciphertexts Using a Single Decryption Key,” in
Proceedings of Pairing-Based Cryptography (Pairing ’07), ser. LNCS,
vol. 4575. Springer, 2007, pp. 392–406.
[24] M. Chase and S. S. M. Chow, “Improving Privacy and Security in
Multi-Authority Attribute-Based Encryption,” in ACM Conference
on Computer and Communications Security, 2009, pp. 121–130.
[25] T. Okamoto and K. Takashima, “Achieving Short Ciphertexts or
Short Secret-Keys for Adaptively Secure General Inner-Product
Encryption,” in Cryptology and Network Security (CANS ’11), 2011,
pp. 138–159.
[26] R. Canetti and S. Hohenberger, “Chosen-Ciphertext Secure Proxy
Re-Encryption,” in Proceedings of the 14th ACM Conference on
Computer and Communications Security (CCS ’07). ACM, 2007,
pp. 185–194.
[27] C.-K. Chu and W.-G. Tzeng, “Identity-Based Proxy Re-encryption
Without Random Oracles,” in Information Security Conference (ISC
’07), ser. LNCS, vol. 4779. Springer, 2007, pp. 189–202.
[28] C.-K. Chu, J. Weng, S. S. M. Chow, J. Zhou, and R. H. Deng,
“Conditional Proxy Broadcast Re-Encryption,” in Australasian
Conference on Information Security and Privacy (ACISP ’09), ser.
LNCS, vol. 5594. Springer, 2009, pp. 327–342.
[29] S. S. M. Chow, J. Weng, Y. Yang, and R. H. Deng, “Efficient
Unidirectional Proxy Re-Encryption,” in Progress in Cryptology -
AFRICACRYPT 2010, ser. LNCS, vol. 6055. Springer, 2010, pp.
316–332.
[30] G. Ateniese, K. Fu, M. Green, and S. Hohenberger, “Improved
Proxy Re-Encryption Schemes with Applications to Secure Dis-
tributed Storage,” ACM Transactions on Information and System
Security (TISSEC), vol. 9, no. 1, pp. 1–30, 2006.
[31] D. Boneh, C. Gentry, and B. Waters, “Collusion Resistant Broad-
cast Encryption with Short Ciphertexts and Private Keys,” in
Proceedings of Advances in Cryptology - CRYPTO ’05, ser. LNCS,
vol. 3621. Springer, 2005, pp. 258–275.
[32] L. B. Oliveira, D. Aranha, E. Morais, F. Daguano, J. Lopez, and
R. Dahab, “TinyTate: Computing the Tate Pairing in Resource-
Constrained Sensor Nodes,” in Proceedings of 6th IEEE International
Symposium on Network Computing and Applications (NCA ’07).
IEEE, 2007, pp. 318–323.
[33] D. Naor, M. Naor, and J. Lotspiech, “Revocation and Tracing
Schemes for Stateless Receivers,” in Proceedings of Advances in
Cryptology - CRYPTO ’01, ser. LNCS. Springer, 2001, pp. 41–62.
[34] T. H. Yuen, S. S. M. Chow, Y. Zhang, and S. M. Yiu, “Identity-
Based Encryption Resilient to Continual Auxiliary Leakage,” in
Proceedings of Advances in Cryptology - EUROCRYPT ’12, ser. LNCS,
vol. 7237, 2012, pp. 117–134.
[35] D. Boneh, X. Boyen, and E.-J. Goh, “Hierarchical Identity Based
Encryption with Constant Size Ciphertext,” in Proceedings of Ad-
vances in Cryptology - EUROCRYPT ’05, ser. LNCS, vol. 3494.
Springer, 2005, pp. 440–456.
[36] D. Boneh, R. Canetti, S. Halevi, and J. Katz, “Chosen-Ciphertext
Security from Identity-Based Encryption,” SIAM Journal on Com-
puting (SIAMCOMP), vol. 36, no. 5, pp. 1301–1328, 2007.
11. 11
Cheng-Kang Chu received his Ph.D. in Computer Science from National Chiao Tung University (Hsinchu, Taiwan). After a postdoctoral fellowship at Singapore Management University with Prof. Robert H. Deng, he joined the Cryptography and Security department at the Institute for Infocomm Research (I2R) as a Research Scientist. He has had a long-term interest in the development of new technologies in Applied Cryptography, Cloud Computing Security, Wireless Sensor Network Security and Smart Grid Security. He is now mainly working on a project to develop security techniques in large-scale shared storage systems. He has published many research papers in major conferences like PKC, CT-RSA, ACNS, etc. and received the best student paper award in ISC 2007. He also served as vice chair of IEEE CCNC 2012 and on the program committee of many international conferences including TrustBus, WISTP, IEEE CCNC, IEEE CloudCom, etc.
Sherman S. M. Chow joined the Department of Information Engineering at the Chinese University of Hong Kong as an assistant professor in November 2012. He was a research fellow at the Department of Combinatorics and Optimization, University of Waterloo, a position he commenced after receiving his Ph.D. degree from the Courant Institute of Mathematical Sciences, New York University. He interned at NTT Research and Development (Tokyo), Microsoft Research (Redmond) and Fuji Xerox Palo Alto Laboratory, and has made research visits to U. Maryland, U. Calgary, U. Texas, HKU, MIT, and Queensland University of Technology. These visits resulted in US patent applications and also in publications at major conferences such as ACM CCS and IACR EUROCRYPT. His research interests are applied cryptography, privacy and distributed systems security in general. He serves on the program committees of several international conferences including ASIACRYPT 2012-2013, ACNS 2012-2013, ASIACCS 2013, IEEE-CNS 2013 and Financial Crypt. 2013.
Wen-Guey Tzeng received his BS degree in Computer Science and Information Engineering from National Taiwan University, Taiwan, in 1985, and MS and PhD degrees in Computer Science from the State University of New York at Stony Brook, USA, in 1987 and 1991, respectively. He joined the Department of Computer Science, National Chiao Tung University, Taiwan, in 1991. Professor Tzeng now serves as Chairman of the department. His current research interests include Cryptology, Information Security and Network Security.
Jianying Zhou is a senior scientist at the Institute for Infocomm Research, and heads the Network Security Group. He received his PhD in Information Security from the University of London. His research interests are in computer and network security, mobile and wireless communications security, cloud security, and smart grid security.
Robert H. Deng has been a Professor at the School of Information Systems, Singapore Management University since 2004. Prior to this, he was Principal Scientist and Manager of the Infocomm Security Department, Institute for Infocomm Research, Singapore. His research interests include data security and privacy, multimedia security, and network and system security. He was the Associate Editor of the IEEE Transactions on Information Forensics and Security from 2009 to 2012. He is currently Associate Editor of IEEE Transactions on Dependable and Secure Computing, Associate Editor of Security and Communication Networks (John Wiley), and a member of the Editorial Board of Journal of Computer Science and Technology (the Chinese Academy of Sciences). He is the co-chair of the Steering Committee of the ACM Symposium on Information, Computer and Communications Security (ASIACCS).
He received the University Outstanding Researcher Award from the National University of Singapore in 1999 and the Lee Kuan Yew Fellow for Research Excellence from the Singapore Management University in 2006. He was named Community Service Star and Showcased Senior Information Security Professional by (ISC)2 under its Asia-Pacific Information Security Leadership Achievements program in 2010. He received the Distinguished Paper Award of the 19th Annual Network & Distributed System Security Symposium (NDSS 2012) and the Best Paper Award of the 13th Joint IFIP TC6 & TC11 Conference on Communications and Multimedia Security (CMS 2012).