Abstract
Identity-based proxy re-encryption (IB-PRE) is a good candidate for achieving data sharing. When deployed in fog computing scenarios, it can provide end-users with a more flexible access control service than when deployed in cloud computing, since fog nodes are physically close to end-users. However, existing IB-PRE schemes have several security flaws. First, all IB-PRE schemes suffer from the key escrow problem, which allows the PKG to decrypt all ciphertexts of the users. Second, one re-encryption key can transform all ciphertexts of the delegator into ciphertexts of the delegatee, so the scheme cannot provide fine-grained access control. Third, most IB-PRE schemes cannot provide user revocation or prevent collusion attacks. To overcome these problems, in this paper we propose an identity-based data storage scheme with anonymous key generation, applied to fog computing. The scheme is shown to be provably secure in the random oracle model. Compared with other existing schemes, our scheme has advantages in terms of security properties. Finally, experimental analysis shows that our scheme is efficient with respect to computational cost and communication overhead.
Acknowledgements
This research was supported by Beijing Municipal Natural Science Foundation (No. 4162020), Guangxi Key Laboratory of Cryptography and Information Security (No. GCIS201710) and Research Fund of Guangxi Key Lab of Multi-source Information Mining & Security (No. MIMS16-01).
Ethics declarations
Conflict of interest
The authors declare that they have no conflict of interest.
Human and animal rights
This article does not contain any studies with human participants or animals performed by any of the authors.
Additional information
Communicated by B. B. Gupta.
About this article
Cite this article
Zhang, J., Bai, W. & Wang, X. Identity-based data storage scheme with anonymous key generation in fog computing. Soft Comput 24, 5561–5571 (2020). https://doi.org/10.1007/s00500-018-3593-z
DOI: https://doi.org/10.1007/s00500-018-3593-z