Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud

Tariqul Islam; Kiho Lim; D. Manivannan

doi:10.1109/CCNC46108.2020.9045108

Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud

Tariqul Islam, Kiho Lim, D. Manivannan

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Scopus citations

Abstract

Conventional encryption schemes are being used over the years for securing outsourced data to cloud. However, this impedes deduplication-the ability to identify and remove duplicate data from storage server. The idea of Convergent Encryption was introduced to overcome this problem which ensures that identical plaintext files will always produce identical ciphertexts and thus enabling deduplication. Nonetheless, this scheme is vulnerable to a side-channel attack called 'confirmation-of-a-file' and its variant 'learn-the-remaining-information' attack which breach user privacy by observing the deduplication operation. To resolve the above two seemingly contrasting issues, we propose a scheme which blends convergent encryption with a traditional access control scheme for simultaneously achieving confidentiality and deduplication. Both theoretical security analysis and experimental results show that our scheme is semantically secure and resilient against attacks. It incurs minor storage and latency overhead while performing file and block level deduplication. Furthermore, it ensures secure and fine-grained access control of outsourced data by efficiently handling key-management process.

Original language	English
Title of host publication	2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020
Pages	1-6
Number of pages	6
ISBN (Electronic)	9781728138930
DOIs	https://doi.org/10.1109/CCNC46108.2020.9045108
State	Published - Jan 2020
Event	17th IEEE Annual Consumer Communications and Networking Conference, CCNC 2020 - Las Vegas, United States Duration: Jan 10 2020 → Jan 13 2020

Publication series

Name	2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020
Volume	2019-January

Conference

Conference	17th IEEE Annual Consumer Communications and Networking Conference, CCNC 2020
Country/Territory	United States
City	Las Vegas
Period	1/10/20 → 1/13/20

Bibliographical note

Publisher Copyright:
© 2020 IEEE.

Keywords

Access Control
Authentication
Confidentiality
Convergent Encryption
Deduplication

ASJC Scopus subject areas

Artificial Intelligence
Computer Networks and Communications
Hardware and Architecture
Safety, Risk, Reliability and Quality
Media Technology
Communication

Access to Document

10.1109/CCNC46108.2020.9045108

Cite this

Islam, T., Lim, K., & Manivannan, D. (2020). Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud. In 2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020 (pp. 1-6). Article 9045108 (2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020; Vol. 2019-January). https://doi.org/10.1109/CCNC46108.2020.9045108

@inproceedings{77263bd04e0146e695dd2288fac6a6d6,

title = "Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud",

abstract = "Conventional encryption schemes are being used over the years for securing outsourced data to cloud. However, this impedes deduplication-the ability to identify and remove duplicate data from storage server. The idea of Convergent Encryption was introduced to overcome this problem which ensures that identical plaintext files will always produce identical ciphertexts and thus enabling deduplication. Nonetheless, this scheme is vulnerable to a side-channel attack called 'confirmation-of-a-file' and its variant 'learn-the-remaining-information' attack which breach user privacy by observing the deduplication operation. To resolve the above two seemingly contrasting issues, we propose a scheme which blends convergent encryption with a traditional access control scheme for simultaneously achieving confidentiality and deduplication. Both theoretical security analysis and experimental results show that our scheme is semantically secure and resilient against attacks. It incurs minor storage and latency overhead while performing file and block level deduplication. Furthermore, it ensures secure and fine-grained access control of outsourced data by efficiently handling key-management process.",

keywords = "Access Control, Authentication, Confidentiality, Convergent Encryption, Deduplication",

author = "Tariqul Islam and Kiho Lim and D. Manivannan",

note = "Publisher Copyright: {\textcopyright} 2020 IEEE.; 17th IEEE Annual Consumer Communications and Networking Conference, CCNC 2020 ; Conference date: 10-01-2020 Through 13-01-2020",

year = "2020",

month = jan,

doi = "10.1109/CCNC46108.2020.9045108",

language = "English",

series = "2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020",

pages = "1--6",

booktitle = "2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020",

}

Islam, T, Lim, K & Manivannan, D 2020, Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud. in 2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020., 9045108, 2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020, vol. 2019-January, pp. 1-6, 17th IEEE Annual Consumer Communications and Networking Conference, CCNC 2020, Las Vegas, United States, 1/10/20. https://doi.org/10.1109/CCNC46108.2020.9045108

Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud. / Islam, Tariqul; Lim, Kiho; Manivannan, D.
2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020. 2020. p. 1-6 9045108 (2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020; Vol. 2019-January).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud

AU - Islam, Tariqul

AU - Lim, Kiho

AU - Manivannan, D.

PY - 2020/1

Y1 - 2020/1

N2 - Conventional encryption schemes are being used over the years for securing outsourced data to cloud. However, this impedes deduplication-the ability to identify and remove duplicate data from storage server. The idea of Convergent Encryption was introduced to overcome this problem which ensures that identical plaintext files will always produce identical ciphertexts and thus enabling deduplication. Nonetheless, this scheme is vulnerable to a side-channel attack called 'confirmation-of-a-file' and its variant 'learn-the-remaining-information' attack which breach user privacy by observing the deduplication operation. To resolve the above two seemingly contrasting issues, we propose a scheme which blends convergent encryption with a traditional access control scheme for simultaneously achieving confidentiality and deduplication. Both theoretical security analysis and experimental results show that our scheme is semantically secure and resilient against attacks. It incurs minor storage and latency overhead while performing file and block level deduplication. Furthermore, it ensures secure and fine-grained access control of outsourced data by efficiently handling key-management process.

AB - Conventional encryption schemes are being used over the years for securing outsourced data to cloud. However, this impedes deduplication-the ability to identify and remove duplicate data from storage server. The idea of Convergent Encryption was introduced to overcome this problem which ensures that identical plaintext files will always produce identical ciphertexts and thus enabling deduplication. Nonetheless, this scheme is vulnerable to a side-channel attack called 'confirmation-of-a-file' and its variant 'learn-the-remaining-information' attack which breach user privacy by observing the deduplication operation. To resolve the above two seemingly contrasting issues, we propose a scheme which blends convergent encryption with a traditional access control scheme for simultaneously achieving confidentiality and deduplication. Both theoretical security analysis and experimental results show that our scheme is semantically secure and resilient against attacks. It incurs minor storage and latency overhead while performing file and block level deduplication. Furthermore, it ensures secure and fine-grained access control of outsourced data by efficiently handling key-management process.

KW - Access Control

KW - Authentication

KW - Confidentiality

KW - Convergent Encryption

KW - Deduplication

UR - http://www.scopus.com/inward/record.url?scp=85094845282&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85094845282&partnerID=8YFLogxK

U2 - 10.1109/CCNC46108.2020.9045108

DO - 10.1109/CCNC46108.2020.9045108

M3 - Conference contribution

AN - SCOPUS:85094845282

T3 - 2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020

SP - 1

EP - 6

BT - 2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020

T2 - 17th IEEE Annual Consumer Communications and Networking Conference, CCNC 2020

Y2 - 10 January 2020 through 13 January 2020

ER -

Islam T, Lim K, Manivannan D. Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud. In 2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020. 2020. p. 1-6. 9045108. (2020 IEEE 17th Annual Consumer Communications and Networking Conference, CCNC 2020). doi: 10.1109/CCNC46108.2020.9045108

Blending Convergent Encryption and Access Control Scheme for Achieving A Secure and Storage Efficient Cloud

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this