Efficient Revocable Multi-Authority Attribute-Based Proxy Re-Encryption In Mobile Cloud Computing

In the recent years,there has been an increase in the number of connected mobile phones and handheld devices,which has overthrown the amount of connected computers,and is pushing more and more developers to shift their production towards cross platform mobile development.As a result,mobile devices tend to perform the same tasks as traditional computers.However,due to mobile devices inherent resources limitations,mobile cloud computing has been introduced to offload heavy computations,as well as to outsource large amount of data to cloud based resources,therefore increasing the user experience,and allowing device-independent access to outsourced data.Despite mobile cloud computing breakthrough,security and privacy issues when outsourcing sensitive data remain a significant hindrance to the large adoption of mobile cloud computing solutions.Secure frameworks allowing users to mediate access control over their outsourced data,while taking into account the intrinsic limited performances of mobile devices,as well as the user experience,are therefore needed.This thesis focuses on solving the security and privacy issues of outsourced data in mobile cloud storage.The main contributions of this work are listed as follows:(1)This thesis targeted the outsourced data access authorization in mobile cloud storage,to carry out the aim of the research.To guarantee data access only to the legitimate users as well as to solve the key escrow issue allowing any trusted third party to decrypt users' messages,this work proposed a novel multi-authority ciphertext-policy attribute-based encryption.To moreover reduce the computation burden on the data user,and hence increase the user experience,this thesis introduced a new cloud based unit,to offload data users' heavy computations,and to perform partial ciphertext decryption denoted as cloud user assistant.Furthermore,to get rid of the trusted third party requirement in existing schemes,this work has shifted the trust on the data owner,to allow it to generate major system parameters,as it already possesses the plaintext.However,no entity in this scheme can generate on its own all the secret parameters.The system workflow is as follows: the data owner generates the system public parameters and the master secret key.The data owner moreover,generates part of the user secret key,and encrypts the ciphertext under an access control policy.The attribute authority managing a disjoint set of attributes,issues attributes secret keys,for the requested attributes,to the cloud user assistant representative of a specific data user.The cloud user assistant aggregates the multiple attribute authority secret keys from many attribute authorities for a specific data user,as well as performs partial decryption of the ciphertext,to assess the binary access authorization status of the data user,and returns the result to the data user.The authorized data user receives the partially decrypted ciphertext,and performs the rest of decryption locally,with the parts of its secret key received from both the data owner,and from its cloud user assistant unit.The detailed security analysis as well as the performance analysis demonstrated the security,efficacy,efficiency,and flexibility of this scheme.(2)This work aimed at the user authentication over outsourced encrypted data in mobile cloud storage,as well as at the flexibility of issuing parameters to data users,in a distributed access control environment over encrypted cloud data configuration,in mobile cloud storage.To address the issue of non-authentication of data users in current schemes,this construction adopted its previously proposed multi-authority attributebased encryption scheme as authentication layer over type-based proxy re-encryption.To solve the issue of having the data owner always online to issue re-encryption keys to authorized users,this work proposed a new protocol allowing the data owner to generate re-encryption keys for authorized data users ahead of time,and the semi trusted proxy to mediate data user access over those re-encryption keys,by introducing a new data structure denoted as authorization structure,which is a mapping per category,between an authorized data user,and its re-encryption key.To allow better understanding of the authentication layer,this work denoted the multi-authority ciphertext-policy attribute-based encryption operations as privilege operations,producing privilege parameters.The scheme workflow goes as follows: the data owner performs all the privilege operations of the first proposed scheme to generate privilege parameters,which this time,contain more variables regarding the public parameters and the master key,in order to support type-based proxy re-encryption.The data owner moreover encrypts,using its own secret key,the data to be outsourced.It produces the authorization structure,and generates the privilege ciphertext serving as challenge authentication ciphertext in this scheme,such that both the privilege ciphertext,the authorization structure,and the useful encrypted payload under type-based proxy reencryption,are sent to the proxy server.The attribute authority performs its privilege operations in the scheme.The data user outsources its privilege key to the proxy server,which performs authentication over the challenge ciphertext.Upon successful user authentication,the proxy searches the authorization structure for the data user's corresponding re-encryption key.If the re-encryption key is found,the proxy recomputes the payload ciphertext,and the data user can download it locally and perform decryption with its secret key.Thorough security analysis demonstrated the security of this construction against chosen ciphertext attack in the random oracle model,under the decisional bilinear diffie-hellman assumption.Performance analysis of this scheme showed that it achieves flexibility and efficiency in computation and communication overhead,while providing a high level of security in depth.(3)This thesis aimed at users lifecycle management in mobile cloud storage.To address user and attribute revocation at the authentication layer of the second scheme,this work proposed a new protocol making use of indirect revocation and attribute versioning,where the data owner is responsible to generate user revocation parameters,and the attribute authority managing the attribute to be revoked,is responsible to generate attribute update parameters,for both the privilege ciphertext and the privilege user key.To perform user revocation at the access authorization layer and hence at the type-based proxy re-encryption level,this scheme extended the former protocol,to delete the corresponding revoked user's re-encryption key entry in the authorization structure.To minimize both computation and communication overhead,this work furthermore extended the second scheme's protocol,by allowing the proxy to perform cloud based indirect user revocation and attribute versioning revocation,therefore enhancing the user experience.Moreover,revocation operations are only performed at data request,at the proxy level,to avoid the overhead introduced with broadcasting update parameters to legitimate users.Security analysis demonstrated that this scheme remains secure against chosen ciphertext attack under the decisional bilinear diffiehellman assumption.The workflow distribution in this scheme goes as follows.The data owner performs the privilege operations,as well as type-based proxy re-encryption operations,and it goes offline.When deciding to revoke a data user,the data owner generates an update parameter,and securely sends the update parameter to the proxy server,as well as the list of revoked users.The proxy server immediately updates the privilege ciphertext.When the data user sends its privilege key for user authentication to the proxy,the proxy updates the data user's privilege key,only if the data user is not among the revoked users,and the proxy performs cloud based data user authentication,and cloud based data user authorization.When deciding to revoke an attribute,the attribute authority generates two update parameters: one for a particular user privilege key,and one for the privilege ciphertext,and sends them to the proxy.At user authentication,if the user key has the revoked attribute,the proxy updates the user privilege key,and make a local copy of the privilege ciphertext,to avoid denial of service for legitimate users,then updates the attributes in the access tree of the privilege ciphertext copy.The proxy therefore conducts subsequent cloud based authentication and cloud based authorization,and finally deletes the local copy of the privilege ciphertext tailored for a particular requesting data user.Performance analysis showed that this scheme performs efficient user and attribute revocation.