Please use this identifier to cite or link to this item: http://hdl.handle.net/11455/92971
Title: Authenticated Key Exchange and Keyword Search Schemes and Their Applications to Cloud Storage Service
Author: Chin-Wen Lee (李欽文)
Keywords: Authenticated Key Exchange
Session key
Keyword search scheme
Cloud storage service
Off-line keyword guessing attack
Abstract: With the rapid development of cloud computing, cloud storage service has become an essential part of cloud service. The cloud storage service provides huge cyberspace for clients to upload, store, update and download data. However, there are security threats when cloud users transmit sensitive data via an insecure communication channel. In this thesis, in order to achieve secure communications in cloud storage service, data senders and data receivers have to establish a secure common session key with the help of the trusted cloud server before using the cloud storage service to transmit sensitive data. Moreover, the agreed session key is known only to the communicating parties. After establishing the secure common session key, the data sender and the data receiver can use it to encrypt and decrypt data. When the data is encrypted, it becomes an unrecognizable ciphertext, and even the data owner or an authorized user cannot recognize its contents. As a result, cloud users cannot search the encrypted data rapidly. Therefore, a number of keyword search schemes over encrypted data have been widely studied by scholars. A secure keyword search scheme needs to meet five security requirements: consistency, ciphertext indistinguishability, trapdoor indistinguishability, resistance to outside keyword guessing attacks and resistance to inside keyword guessing attacks. However, none of the existing keyword search schemes can resist off-line inside keyword guessing attacks. Based on the above-mentioned motivations and requirements, in this thesis we try to design a secure transmission environment and a secret-value-based keyword search scheme that resists inside keyword guessing attacks in cloud storage services.
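In recent years, with the vigorous development of cloud computing, cloud storage service has become one of the indispensable cloud services. Cloud storage service provides users with large network storage space, in which cloud users can upload, store, update, and download data. However, when users transmit data over a public network, there are security threats. Therefore, to ensure that data transmission in cloud storage service is secure, the data uploader and the data receiver must, before using the service, agree on a session key with the help of a third-party cloud server. In addition, only the data uploader and the data receiver know the session key. After the participants complete the three-party key exchange protocol, they can use the session key to encrypt and decrypt confidential data. However, once a data file has been encrypted, it becomes unrecognizable ciphertext, and even the owner of the file or other users whom the owner has authorized to access it cannot recognize its contents; thus, when a user holds many unrecognizable encrypted files, searching them efficiently becomes a problem. Scholars have therefore successively proposed keyword search mechanisms over encrypted files to solve this efficiency problem. To construct a secure keyword search scheme in cloud storage service, five security requirements must be met: computational consistency, ciphertext indistinguishability, trapdoor indistinguishability, resistance to off-line outside keyword guessing attacks, and resistance to off-line inside keyword guessing attacks. However, no existing work can resist off-line inside keyword guessing attacks. In response to the above problems and requirements, this master's thesis provides a secure authentication and communication mechanism that offers a secure data transmission environment for cloud storage service and resists inside keyword guessing attacks.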
URI: http://hdl.handle.net/11455/92971
Other identifiers: U0005-2105201516551000
Date made public: 2015-07-14
Appears in Collections: Department of Management Information Systems (資訊管理學系)

Files in This Item:

For the full text, please go to Airiti Library (華藝線上圖書館)



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.