Skip to main content
SpringerLink
Log in

Efficient information-theoretically secure schemes for cloud data outsourcing

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

Nowadays, outsourcing sensitive data to the cloud becomes popular. Outsourcing sensitive data to the cloud raises confidentiality concerns due to the loss of data control by the data owner. Data must be encrypted before outsourcing to ensure data confidentiality. However, when data is encrypted, a trade-off must be considered between efficiency and confidentiality. Homomorphic encryption allows computing over encrypted data, but its efficiency and overhead is still a great obstacle. In this paper, we propose a lightweight homomorphic encryption scheme with reduced computation and storage overhead. The proposed scheme presents a trade-off between a lower level of security and higher efficiency. The proposed scheme is formally verified, followed by a comprehensive discussion about confidentiality consideration.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Sudhakar, R.V., Rao, T.C.M.: Security aware index based quasi-identifier approach for privacy preservation of data sets for cloud applications. Clust. Comput. 23(4), 2579–2589 (2020). https://doi.org/10.1007/s10586-019-03028-7

    Article  Google Scholar 

  2. Kanwal, T., Anjum, A., Khan, A.: Privacy preservation in e-health cloud: taxonomy, privacy requirements, feasibility analysis, and opportunities. Clust. Comput. 24(1), 293–317 (2021). https://doi.org/10.1007/s10586-020-03106-1

    Article  Google Scholar 

  3. Kernel homomorphic encryption protocol. J. Inf. Sec. Appl. 48, 102366 (2019). https://doi.org/10.1016/j.jisa.2019.102366

  4. Shao, B., Ji, Y.: Efficient tpa-based auditing scheme for secure cloud storage. Clust. Comput. (2021). https://doi.org/10.1007/s10586-021-03239-x

  5. Paillier, P.: Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In: International conference on the theory and application of cryptographic techniques (EUROCRYPT), Prague, Czech Republic, pp. 223–238 (1999)

  6. Yakoubov, S., Gadepally, V., Schear, N., Shen, E., Yerukhimovich, A.: A survey of cryptographic approaches to securing big-data analytics in the cloud. In: 18\(^{rd}\) IEEE conference on High Performance Extreme Computing Conference (HPEC), pp. 1–6. IEEE (2014)

  7. Popa, R.A., Redfield, C.M.S., Zeldovich, N., Balakrishnan, H.: CryptDB: protecting confidentiality with encrypted query processing. In: 23rd ACM Symposium on Operating Systems Principles (SOSP), Cascais, Portugal, pp. 85–100 (2011)

  8. Tu, S., Kaashoek, M.F., Madden, S., Zeldovich, N.: Processing analytical queries over encrypted data. Proc. VLDB Endowment 6(5), 289–300 (2013)

    Article  Google Scholar 

  9. Arasu, A., Eguro, K., Joglekar, M., Kaushik, R., Kossmann, D., Ramamurthy, R.: Transaction processing on confidential data using Cipherbase. In: 31\(^{st}\) IEEE international conference on data engineering (ICDE), Seoul, Korea, pp. 435–446 (2015)

  10. Bajaj, S., Sion, R.: TrustedDB: a trusted hardware based database with privacy and data confidentiality. In: ACM SIGMOD international conference on management of data (SIGMOD), Athens, Greece, pp. 205–216 (2011)

  11. Thompson, B., Haber, S., Horne, W.G., Sander, T., Yao, D.: Privacy-preserving computation and verification of aggregate queries on outsourced databases. In: 9th International symposium on privacy enhancing technologies (PETS), Seattle, WA, USA, pp. 185–201 (2009)

  12. Agrawal, D., El Abbadi, A., Emekçi, F., Metwally, A.: Database management as a service: challenges and opportunities. In: 25th International conference on data engineering (ICDE), Shanghai, China, pp. 1709–1716 (2009)

  13. Hadavi, M.A., Jalili, R.: Secure data outsourcing based on threshold secret sharing; towards a more practical solution. In: 36 International conference on very large data bases (VLDB) PhD Workshop, Singapore, pp. 54–59 (2010)

  14. Hadavi, M.A., Damiani, E., Jalili, R., Cimato, S., Ganjei, Z.: AS5: A Secure Searchable Secret Sharing Scheme for Privacy Preserving Database Outsourcing. In: 7th International workshop on data privacy management (DPM), Pisa, Italy, pp. 201–216 (2012)

  15. Sobati-Moghadam, S., Darmont, J., Gavin, G.: S4: A new secure scheme for enforcing privacy in cloud data warehouses. In: 7th International conference on information systems and technologies (ICIST 17), Dubai, UAE, pp. 9–16 (2017)

  16. Gentry, C.: A fully homomorphic encryption scheme. Ph.D. thesis, Stanford University (2009)

  17. Yadav, V.K., Anand, A., Verma, S., Venkatesan, S.: Private computation of the schulze voting method over the cloud. Clust. Comput. 23(4), 2517–2531 (2020). https://doi.org/10.1007/s10586-019-03025-w

    Article  Google Scholar 

  18. Subramanian, E.K., Tamilselvan, L.: Elliptic curve diffie-hellman cryptosystem in big data cloud security. Clust. Comput. 23(4), 3057–3067 (2020). https://doi.org/10.1007/s10586-020-03069-3

    Article  Google Scholar 

  19. Erfan, F., Mala, H.: Secure and efficient publicly verifiable outsourcing of matrix multiplication in online mode. Clust. Comput. 23(4), 2835–2845 (2020). https://doi.org/10.1007/s10586-020-03049-7

    Article  Google Scholar 

  20. Liu, M., Wu, Y., Xue, R., Zhang, R.: Verifiable outsourcing computation for modular exponentiation from shareable functions. Clust. Comput. 23(1), 43–55 (2020). https://doi.org/10.1007/s10586-019-02930-4 bibitemge2007answering Ge, T., Zdonik, S.B.: Answering Aggregation Queries in a Secure System Model. In: 33\(^{rd}\) International conference on very large data bases (VLDB), Vienna, Austria, pp. 519-530 (2007)

  21. Hadavi, M.A., Jalili, R., Damiani, E., Cimato, S.: Security and searchability in secret sharing-based data outsourcing. Int. J. Inf. Sec. 14(6), 513–529 (2015). https://doi.org/10.1007/s10207-015-0277-x

    Article  Google Scholar 

  22. Dautrich, J.L., Ravishankar, C.V.: Security limitations of using secret sharing for data outsourcing. In: 26th IFIP WG 11.3 conference in data and applications security and privacy, Paris, France, pp. 145–160 (2012)

  23. Ullah, S., Li, X., Zhang, L.: A novel trusted third party based signcryption scheme. Multim. Tools Appl. 79(31–32), 22749–22769 (2020)

    Article  Google Scholar 

  24. Liang, Y., Poor, H.V., Shamai, S.: Information Theoretic Security, Foundations and Trends in Communications and Information Theory, vol. 5. now Publishers Inc. (2009). https://ieeexplore.ieee.org/document/8187250

  25. Kushilevitz, E., Lindell, Y., Rabin, T.: Information-theoretically secure protocols and security under composition. Soc. Ind. Appl. Math. (SIAM) 39(5), 2090–2112 (2010). https://doi.org/10.1137/090755886

  26. Beimel, A.: Secret-sharing schemes: a survey. In: Coding and cryptology—third international workshop, IWCC 2011, Qingdao, China, May 30-June 3, pp. 11–46 (2011)

  27. Sobati-Moghadam, S., Fayoumi, A.: Toward securing cloud-based data analytics: a discussion on current solutions and open issues. IEEE Access 7, 45632–45650 (2019). https://doi.org/10.1109/ACCESS.2019.2908761

    Article  Google Scholar 

  28. Wong, W.K., Kao, B., Cheung, D.W., Li, R., Yiu, S.: Secure query processing with data interoperability in a cloud database environment. In: International conference on management of data, SIGMOD 2014, Snowbird, UT, USA, June 22-27, 2014, pp. 1395–1406 (2014). https://doi.org/10.1145/2588555.2588572

  29. Bethencourt, J.: Paillier library. http://acsc.cs.utexas.edu/libpaillier/ (last accessed: 2021)

  30. Free Software Foundation: GNU Multiple Precision Arithmetic library . https://gmplib.org/ (last accessed: 2021)

  31. Wang, S., Agrawal, D., El Abbadi, A.: A Comprehensive Framework for Secure Query Processing on Relational Data in the Cloud. In: Secure data management workshop (SDM), Seattle, WA, USA, pp. 52–69 (2011)

  32. Attasena, V., Harbi, N., Darmont, J.: A novel multi-secret sharing approach for secure data warehousing and on-line analysis processing in the cloud. IJDWM 11(2), 22–43 (2015). https://doi.org/10.4018/ijdwm.2015040102

    Article  Google Scholar 

  33. Arasu, A., Blanas, S., Eguro, K., Kaushik, R., Kossmann, D., Ramamurthy, R., Venkatesan, R.: Orthogonal Security with Cipherbase. In: 6\(^{th}\) Biennial conference on innovative data systems research (CIDR), Asilomar, CA, USA (2013)

  34. Arasu, A., Eguro, K., Kaushik, R., Kossmann, D., Ramamurthy, R., Venkatesan, R.: A secure coprocessor for database applications. In: 23rd International conference on field programmable logic and applications, FPL 2013, Porto, Portugal, September 2-4, pp. 1–8 (2013). https://doi.org/10.1109/FPL.2013.6645524

  35. Tetali, S.D., Lesani, M., Majumdar, R., Millstein, T.D.: MrCrypt: static analysis for secure cloud computations. In: the 2013 ACM SIGPLAN international conference on object oriented programming systems languages & applications, OOPSLA 2013, part of SPLASH 2013, Indianapolis, IN, USA, October 26-31, pp. 271–286 (2013). https://doi.org/10.1145/2509136.2509554

  36. Stephen, J.J., Savvides, S., Seidel, R., Eugster, P.: Practical confidentiality preserving big data analysis. In: 6th USENIX workshop on hot topics in cloud computing, HotCloud ’14, Philadelphia, PA, USA, June 17-18 (2014). https://www.usenix.org/conference/hotcloud14/workshop-program/presentation/stephen

  37. Shafagh, H., Hithnawi, A., Droescher, A., Duquennoy, S., Hu, W.: Poster: Towards encrypted query processing for the internet of things. In: the 21st Annual international conference on mobile computing and networking, MobiCom 2015, Paris, France, September 7-11, pp. 251–253 (2015). https://doi.org/10.1145/2789168.2795172

  38. Shafagh, H., Burkhalter, L., Hithnawi, A.: Talos a platform for processing encrypted IoT data: Demo abstract. In: the 14th ACM conference on embedded network sensor systems, SenSys 2016, Stanford, CA, USA, November 14-16, pp. 308–309 (2016). https://doi.org/10.1145/2994551.2996536

  39. Google: Encrypted Big Query. https://github.com/google/encrypted-bigquery-client (last accessed: 2021)

  40. Grofig, P., Hang, I., Härterich, M., Kerschbaum, F., Kohler, M., Schaad, A., Schröpfer, A., Tighzert, W.: Privacy by encrypted databases. In: Second annual privacy forum in privacy technologies and policy—APF 2014, Athens, Greece, May 20-21, pp. 56–69 (2014)

  41. Always encrypted. https://msdn.microsoft.com/enus/library/mt163865(v=sql.130).aspx (last accessed: 2021)

  42. Dotissi: CryptonorDB. http://www.cryptonordb.com/ (last accessed: 2021)

  43. Lincoln Laboratory. http://www.ll.mit.edu/index.html (last accessed: 2021)

  44. Boldyreva, A., Grubbs, P.: The Cloud Encryption Handbook: Encryption Schemes and their relative strengths and weaknesses, white paper. Skyhigh (2016)

  45. Popa, R.A.: Building practical systems that compute on encrypted data. Ph.D. thesis, Massachusetts Institute of Technology (2014)

  46. Ullah, S., Li, X., Zhang, L.: A review of signcryption schemes based on hyper elliptic curve. In: 3rd International conference on big data computing and communications, BIGCOM 2017, Chengdu, China, August 10-11, 2017, pp. 51–58. IEEE Computer Society (2017). https://doi.org/10.1109/BIGCOM.2017.51

  47. Yang, H., Shin, W., Lee, J.: Private information retrieval for secure distributed storage systems. IEEE Trans. Inf. Forensics Sec. 13(12), 2953–2964 (2018). https://doi.org/10.1109/TIFS.2018.2833050

    Article  Google Scholar 

  48. Tajeddine, R., Wachter-Zeh, A., Hollanti, C.: Private information retrieval over random linear networks. IEEE Transactions on Information Forensics and Security 15, 790–799 (2020). https://doi.org/10.1109/TIFS.2019.2928483

    Article  Google Scholar 

  49. Sun, H., Jafar, S.A.: Private information retrieval from mds coded data with colluding servers: settling a conjecture by freij-hollanti, et al.: IEEE Trans. Information Theory 64(2), 1000–1022 (2018). https://doi.org/10.1109/TIT.2017.2779454

  50. Ullah, S., Din, N.: Blind signcryption scheme based on hyper elliptic curves cryptosystem. Peer Peer Netw. Appl. 14(2), 917–932 (2021). https://doi.org/10.1007/s12083-020-01044-8

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Engineering, Faculty of Electrical and Computer Engineering, Hakim Sabzevari University, P.O.Box 397, Sabzevar, Iran

    Somayeh Sobati-Moghadam

Authors
  1. Somayeh Sobati-Moghadam
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Somayeh Sobati-Moghadam.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Sobati-Moghadam, S. Efficient information-theoretically secure schemes for cloud data outsourcing. Cluster Comput 24, 3591–3606 (2021). https://doi.org/10.1007/s10586-021-03344-x

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-021-03344-x

Keywords

Search

Navigation