Design And Analysis Of Verifiable Outsourced Computation Scheme Based On Encrypted Data

With the rapid development of the era of big data,all kinds of data is constantly produced,and data has become an important strategic resource.How to deal with these massive,complex,and rapidly growing data efficiently and accurately has become the key factor for each industry to seize the lead in the fierce competition.However,many clients with poor economic strength cannot pay for the high cost of purchasing and maintaining data processing equipment.As a result,these clients will lose the competitive edge for lack of the computational capability.In addition,technologies such as the Internet of Things(IOT),the Internet of Vehicles(IOV),and wearable medical devices are becoming more and more mature.To make accurate responses,terminal devices need to conduct the rapid analysis on a large amount of data.But for portability,these devices are often lightweight and unable to provide enough space for strong storage and computing power.As a result,these devices cannot process the data as desired by themselves,which will be an important factor for restricting the further development of these technologies in the direction of functionality diversification.It indicates that discrepancy between the demand on the computational resource of the complicated task and the constraint computational capability becomes an essential issue.The introduction of cloud computing provides a solution in such a way that the client with limited computational capability can delegate the complicated task to a cloud server.This action of accomplishing difficult computation with the help of one powerful entity is called as outsourced computation.The outsourced computation can be divided into two categories.Initially,the outsourced computation needs the client to send both input and function to the cloud server,and then the cloud server only performs the computation to return back the result.In this case,it makes sense that the client's local time cost is less than that of directly performing the computation by himself/herself.Otherwise,it is meaningless to delegate the computation to the cloud server and the client still cannot perform the local computation whose time cost is almost identical to that of computing the outsourced function.In another model,the client can first store some data in the cloud server,and then it asks the cloud server to compute on the outsourced data.In this way,the client is relieved from not only the computational burden but also the storage burden.The outsourced computation in the data sharing setting is also an important case where the data owner and user can be different parties.The outsourced computation in this case is qualified to implement the data sharing functionality.For these facts,the outsourced computation based on outsourced database is better than the one introduced in the beginning of this paragraph.Although outsourced computation can help client overcome the difficulty caused by the poor capability with respect to storage and computation,it also suffers from some security concerns that should be considered.Since the result usually contains some important information.The client would suffer losses if the result is wrong.Hence,it is important to ensure the correctness of the result returned by cloud server.A solution is to require the cloud server to send back a proof that the returned result is correctly computed.By this solution,the client can efficiently check the correctness of the result by using the proof and his/her holding information.In the outsourced computation,the input and result may contain some sensitive information,the client's private information can be prevented from being revealed if their confidentiality is guaranteed.Furthermore,the action that the cloud server analyzes the input and result and then forges a proof is also hindered by the confidentiality.This in turn reduces the risk that the client is deceived to accept a wrong result by the cloud server.Hence,to ensure the confidentiality of input and result is an important goal in many schemes.It should be taken into account that the data user may abuse the outsourced data beyond the owner's permission,which will result in the data leakage.This implies that preventing the outsourced data from being abused is a new requirement in outsourced computation besides ensuring the confidentiality of the data and result.The confidentiality and usability of data has always been the hotspot in the cryptographic community.The confidentiality of the input data in outsourced computation can be ensured by using the traditional encryption,but the usability of the data can be affected.Therefore,how to balance the relationship between the confidentiality and usability of the data becomes an important issue.This thesis mainly researches on the verifiable outsourced computation based on the encrypted data in such a way that some kinds of computations can be performed on the encrypted data,where the concrete construction and data leakage issues for some practical cases are included.Specifically,(1)The verifiable outsourced inner product computation with the selective data sharing functionality.To propose an efficient verifiable outsourced inner product computation scheme from the inner product functional encryption scheme,we first focus on the issues regarding leakage of master secret key and encrypted vector.The security of inner product functional encryption is strengthened by introducing the requirements of standard consistency constraint condition and encrypted vector hiding.A construction under this stronger model is proposed for the inner product functional encryption.We then propose a verifiable outsourced computation model for the selective data sharing setting with the goal of enhancing the data confidentiality guarantee.This model is distinguished from the conventional data sharing model in the sense that the result is sent back to the data user instead of the outsourced data.And only the authorized data user can obtain the result from the returned result.The data user's storage and computation burden can be relieved.Furthermore,the probability of data leakage is reduced because the outsourced data is not directly sent to the data user.Based on the proposed inner product functional encryption scheme,the scheme under this model is proposed whose verification time and storage overhead are independent of the vector size.In addition,the proposed scheme can ensure the confidentiality of the secret key and result.The CCA security of the underlying inner product functional encryption can restrict the computation on the outsourced data to be inner product besides ensuring the confidentiality of the outsourced data.It implies that the scheme implements double access control on the outsourced data so that the authorized data user can only compute the inner product by using the outsourced data.This part of work is related to the work Privacy-Preserving Outsourced Inner Product Computation on Encrypted Database that is published in the journal of IEEE Transactions on Dependable and Secure Computing,and the detailed description is given in Chapter 3.(2)The verifiable outsourced inner product computation with authentication for data and user.For the inner product computation,we use the inner product functional encryption as a building block to construct a verifiable outsourced computation scheme for the selective data sharing setting.The proposed scheme can be used to share the data among a specific set of users by authenticating the desired data and users.In order to achieve the authentication for outsourced data,the owner needs to build the binding relationship for the label ?i and data xi.This is achieved by encrypting the tuple(?i,x2)before storing it in cloud server.For the user authentication,the user's secret key is used as his/her authentication information that remain the same when the data owner updates the authorization information.Upon the cloud server receives the computing query from the user,the authentication process is conducted by the cloud server to locate the desired data and determine whether the user is authorized to access to the data.The data confidentiality can be ensured by preventing the unauthorized user from using the data.Since the unauthorized user will be rejected before performing the computation,the cloud server is free of the computation overhead induced by the unauthorized user.In addition,the relationship will not be revealed when the cloud server locates the desired data.This part of work is related to the work Verifiable Inner Product Computation on Outsourced Database for Authenticated Multi-user Data Sharing published in the journal of Information Sciences,and the detailed description is given in Chapter 4.(3)The verifiable outsourced computation with result confidentiality guarantee.We use the attribute-based encryption as a building block to construct an efficient verifiable computation scheme for Boolean function.The proposed scheme is efficient,achieving public delegation and public verifiability,etc.However,the blindly public verifiability can ensure the validity of the result is checked without revealing the value.The verification for the validity of the result and recovering the value from the returned result are independent processes in the proposed scheme.To obtain the value,it needs to use the retrieving key that is the secret information.As a result,the client holding the evaluation key is only allowed to learn the value,so that the value will not be revealed in the verification process.This implies that the blindly public verifiability is more advanced than the public verifiability.The result confidentiality guarantee in the proposed scheme is further enhanced in the sense that the value can be learned only if some clients cooperate on the retrieving the value.This part of work is related to the work An Improved Scheme for Out-sourced Computation with Attribute-based Encryption that is published in the journal of Concurrency and Computation:Practice and Experience,and the detailed description is given in Chapter 5.In conclusion,this thesis systematically studies on the system model,security and confidentiality in the outsourced computation,and the more practical schemes are proposed.This work is of important significance for the promotion and usability of the cloud computing service from theoretical and practical view.