Year

2019

Degree Name

Doctor of Philosophy

Department

School of Computing and Information Technology

Abstract

Digital signatures and public-key encryption (PKE) are fundamental primitives in publickey cryptography designed to provide non-repudiation and confidentiality. Efficient signature and PKE schemes and their security in the standard security models have been extensively studied. Nowadays, public-key cryptography has many applications and one of them is in cloud storage. Cloud storage is the storage service provided by the cloud server for the users to store their data. Since the data is uploaded to the server instead of being maintained locally, the integrity of the uploaded data is one of the users’ primary concerns. Cloud auditing is a technique for users to check data integrity.

The standard security models of signature and PKE schemes describe an idealized and simplified game, where the adversary receives a public key (and a challenge ciphertext for a PKE scheme). In a more realistic security model, the adversary should receive multiple public keys (and multiple challenge ciphertexts for a PKE scheme). This is to reflect the fact that there are large numbers of users and ciphertexts generated for each user in practice and the adversary can choose any user or ciphertext to attack. In cloud auditing, the user first divides the data into blocks and generates a tag on each block. The user then uploads the data and tags to the cloud server. An auditor, who audits the data integrity, generates a challenge from the user’s public key and interacts with the cloud server to complete the auditing process. In a scenario where the data is uploaded by multiple users and the tag can be generated by anyone among them, the auditor generates a challenge from the public key of the user who generates the tag. The identity privacy is leaked to the auditor. To preserve the identity privacy, privacy-preserving cloud auditing is proposed.

FoR codes (2008)

080201 Analysis of Algorithms and Complexity, 080402 Data Encryption, 080607 Information Engineering and Theory

Download

Share

COinS
 

Unless otherwise indicated, the views expressed in this thesis are those of the author and do not necessarily represent the views of the University of Wollongong.