Research On Security And Privacy Issues In Cloud Storage And Multi-User Data Sharing

As the development of the computational device and high-speed network,we are shifting towards a digital and paperless society.Meanwhile,data storage is undergoing a migration from local to the cloud,data sharing is more convenient.While enjoying massive benefits,cloud storage and multi-user data sharing also bring more security and privacy issues.In cloud storage,although the Cloud service providers(CSP)claim to provide reliable services,data outage and security breaches of cloud services occur frequently.Hence,the risk of data loss still exists in cloud storage.To ensure that data stored in the cloud is intact,a user needs to make a data integrity check.However,if we deploy traditional data integrity check method into the cloud,both users and the CSP will suffer from huge communication and computation cost.Public data audit for data in the cloud is a data integrity check method designed for the cloud.Privacy-preserving public auditing allows a third-party auditor to perform data integrity check on behalf of users without violating the privacy of them.Existing public auditing protocols assume users' end devices are powerful enough to perform the costly computation in real time when the outsourced data is given.Henceforth,such protocols are not low-performance end device friendly.In multi-user data sharing,a secret key should be shared among the users to guarantee the security of shared data.Typical methods of group key distribution include group key agreement and broadcast encryption.When the number of group users is larger than 3,group key agreement needs at least two round interaction to establish the shared group key.While most of the broadcast encryption schemes assume the set of receivers is a part of the ciphertext.This will expose receivers' identities into open network and hence violate the privacy of users.Compared with traditional group key agreement,asymmetric group key agreement only need one round.However,existing asymmetric group key agreement protocols do not consider sender authentication and privacy problems.Compared with traditional broadcast encryption,anonymous broadcast encryption has the property of receiver anonymity,and hence properly protect user privacy.However,the security analysis of current anonymous broadcast encryption schemes suffers from huge reduction loss.Observing the above-mentioned problems,we finish the following three works in this thesis.1.Privacy-preserving public auditing for low-performance end devices in cloud.Considering that current public auditing protocols are not low performance end device friendly.In this thesis,we propose two lightweight privacy-preserving public auditing protocols in cloud.Our protocols are based on online/offline signatures.Therefore,users just need to perform lightweight operations when the outsourced data is given.Besides,our proposals support batch auditing and data dynamics.Experiments show that our protocols are hundreds of times more efficient than a classical protocol regarding to the computational overhead on user side.2.Strongly secure asymmetric group key agreement.In realize secure data sharing among multiple users,asymmetric group key agreement has the advantage of sender dynamic,round optimal and constant size ciphertext.However,some security properties,including sender non-repudiation and sender privacy,are not considered in existing AGKA protocols.In this thesis,we propose our solution to secure data sharing using a new security tool called identity based asymmetric group key agreement protocol with sender non-reputation and privacy.The protocol has been proven to achieve direct CCA secrecy,key escrow freeness,sender non-repudiation and sender privacy under the q-BDHE and CDH assumptions.3.Improved anonymous broadcast encryption.Although our strongly secure asymmetric group key agreement protocol provides strong enough security attributes,sender privacy and constant ciphertext,this protocol does not achieve receiver anonymity.Hence,we turn to anonymous broadcast encryption.In Anonymous broadcast encryption schemes,ciphertexts hide not only the message but also the target recipients associated with it.Based on the generic construction proposed by Libert et al.(PKC 2012),we propose two concrete ANOBE schemes with tight reduction and better space efficiency.Specifically,our scheme has a tight reduction,while Libert et al.'s results suffer from O(n3)where n is the number of users in the system.Besides,both of our schemes halve the ciphertext size of Libert et al.'s instantiations.