Cost-Effective Authentic and Anonymous Data Sharing with Forward Security

Xinyi Huang; Joseph K. Liu; Shaohua Tang; Yang Xiang; Kaitai Liang; Li Xu; Jianying Zhou

doi:10.1109/TC.2014.2315619

Cost-Effective Authentic and Anonymous Data Sharing with Forward Security

Xinyi Huang, Joseph K. Liu, Shaohua Tang, Yang Xiang, Kaitai Liang, Li Xu, Jianying Zhou

Department of Computer Science

Research output: Journal Publications and Reviews › RGC 21 - Publication in refereed journal › peer-review

108 Citations (Scopus)

Abstract

Data sharing has never been easier with the advances of cloud computing, and an accurate analysis on the shared data provides an array of benefits to both the society and individuals. Data sharing with a large number of participants must take into account several issues, including efficiency, data integrity and privacy of data owner. Ring signature is a promising candidate to construct an anonymous and authentic data sharing system. It allows a data owner to anonymously authenticate his data which can be put into the cloud for storage or analysis purpose. Yet the costly certificate verification in the traditional public key infrastructure (PKI) setting becomes a bottleneck for this solution to be scalable. Identity-based (ID-based) ring signature, which eliminates the process of certificate verification, can be used instead. In this paper, we further enhance the security of ID-based ring signature by providing forward security: If a secret key of any user has been compromised, all previous generated signatures that include this user still remain valid. This property is especially important to any large scale data sharing system, as it is impossible to ask all data owners to re-authenticate their data even if a secret key of one single user has been compromised. We provide a concrete and efficient instantiation of our scheme, prove its security and provide an implementation to show its practicality.

Original language	English
Pages (from-to)	971-983
Journal	IEEE Transactions on Computers
Volume	64
Issue number	4
Online published	3 Apr 2014
DOIs	https://doi.org/10.1109/TC.2014.2315619
Publication status	Published - 1 Apr 2015

Funding

The authors would like to thank Ke Jiang, Zhiliang Peng and Ming Lu, who are postgraduate students with South China University of Technology, for doing the implementations of the proposed scheme. This work was supported by National Natural Science Foundation of China (Grant NOs. 61202450, U1135004 and 61170080), Distinguished Young Scholars Fund of Department of Education, Fujian Province, China (JA13062), Ph.D. Programs Foundation of Ministry of Education of China (Grant NO. 20123503120001), Fujian Normal University Innovative Research Team (NO. IRTL1207), Guangdong Province Universities and Colleges Pearl River Scholar Funded Scheme (2011), High-level Talents Project of Guangdong Institutions of Higher Education (2012), Natural Science Foundation of Fujian Province (No. 2013J01222), and Fok Ying Tung Education Foundation (Grant No. 141065). Joseph K. Liu is the corresponding author.

Research Keywords

Authentication
data sharing
cloud computing
forward security
smart grid
RING SIGNATURE SCHEME
AD-HOC GROUPS
RANDOM ORACLES
CLOUD
CONSTRUCTION
PAIRINGS

Access Output

10.1109/TC.2014.2315619

Other Access Options

Check CityUHK Library

Permanent Link

Right click to copy link

Cite this

@article{6323d84e187044c5809083618e595c6e,

title = "Cost-Effective Authentic and Anonymous Data Sharing with Forward Security",

abstract = "Data sharing has never been easier with the advances of cloud computing, and an accurate analysis on the shared data provides an array of benefits to both the society and individuals. Data sharing with a large number of participants must take into account several issues, including efficiency, data integrity and privacy of data owner. Ring signature is a promising candidate to construct an anonymous and authentic data sharing system. It allows a data owner to anonymously authenticate his data which can be put into the cloud for storage or analysis purpose. Yet the costly certificate verification in the traditional public key infrastructure (PKI) setting becomes a bottleneck for this solution to be scalable. Identity-based (ID-based) ring signature, which eliminates the process of certificate verification, can be used instead. In this paper, we further enhance the security of ID-based ring signature by providing forward security: If a secret key of any user has been compromised, all previous generated signatures that include this user still remain valid. This property is especially important to any large scale data sharing system, as it is impossible to ask all data owners to re-authenticate their data even if a secret key of one single user has been compromised. We provide a concrete and efficient instantiation of our scheme, prove its security and provide an implementation to show its practicality.",

keywords = "Authentication, data sharing, cloud computing, forward security, smart grid, RING SIGNATURE SCHEME, AD-HOC GROUPS, RANDOM ORACLES, CLOUD, CONSTRUCTION, PAIRINGS",

author = "Xinyi Huang and Liu, {Joseph K.} and Shaohua Tang and Yang Xiang and Kaitai Liang and Li Xu and Jianying Zhou",

year = "2015",

month = apr,

day = "1",

doi = "10.1109/TC.2014.2315619",

language = "English",

volume = "64",

pages = "971--983",

journal = "IEEE Transactions on Computers",

issn = "0018-9340",

publisher = "IEEE Computer Society",

number = "4",

}

TY - JOUR

T1 - Cost-Effective Authentic and Anonymous Data Sharing with Forward Security

AU - Huang, Xinyi

AU - Liu, Joseph K.

AU - Tang, Shaohua

AU - Xiang, Yang

AU - Liang, Kaitai

AU - Xu, Li

AU - Zhou, Jianying

PY - 2015/4/1

Y1 - 2015/4/1

N2 - Data sharing has never been easier with the advances of cloud computing, and an accurate analysis on the shared data provides an array of benefits to both the society and individuals. Data sharing with a large number of participants must take into account several issues, including efficiency, data integrity and privacy of data owner. Ring signature is a promising candidate to construct an anonymous and authentic data sharing system. It allows a data owner to anonymously authenticate his data which can be put into the cloud for storage or analysis purpose. Yet the costly certificate verification in the traditional public key infrastructure (PKI) setting becomes a bottleneck for this solution to be scalable. Identity-based (ID-based) ring signature, which eliminates the process of certificate verification, can be used instead. In this paper, we further enhance the security of ID-based ring signature by providing forward security: If a secret key of any user has been compromised, all previous generated signatures that include this user still remain valid. This property is especially important to any large scale data sharing system, as it is impossible to ask all data owners to re-authenticate their data even if a secret key of one single user has been compromised. We provide a concrete and efficient instantiation of our scheme, prove its security and provide an implementation to show its practicality.

AB - Data sharing has never been easier with the advances of cloud computing, and an accurate analysis on the shared data provides an array of benefits to both the society and individuals. Data sharing with a large number of participants must take into account several issues, including efficiency, data integrity and privacy of data owner. Ring signature is a promising candidate to construct an anonymous and authentic data sharing system. It allows a data owner to anonymously authenticate his data which can be put into the cloud for storage or analysis purpose. Yet the costly certificate verification in the traditional public key infrastructure (PKI) setting becomes a bottleneck for this solution to be scalable. Identity-based (ID-based) ring signature, which eliminates the process of certificate verification, can be used instead. In this paper, we further enhance the security of ID-based ring signature by providing forward security: If a secret key of any user has been compromised, all previous generated signatures that include this user still remain valid. This property is especially important to any large scale data sharing system, as it is impossible to ask all data owners to re-authenticate their data even if a secret key of one single user has been compromised. We provide a concrete and efficient instantiation of our scheme, prove its security and provide an implementation to show its practicality.

KW - Authentication

KW - data sharing

KW - cloud computing

KW - forward security

KW - smart grid

KW - RING SIGNATURE SCHEME

KW - AD-HOC GROUPS

KW - RANDOM ORACLES

KW - CLOUD

KW - CONSTRUCTION

KW - PAIRINGS

UR - https://www.scopus.com/record/display.uri?eid=2-s2.0-84925070600&origin=inward&txGid=3a3c0a76d45d5a8eab506f0c4a60413a

UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-84925070600&origin=recordpage

U2 - 10.1109/TC.2014.2315619

DO - 10.1109/TC.2014.2315619

M3 - RGC 21 - Publication in refereed journal

SN - 0018-9340

VL - 64

SP - 971

EP - 983

JO - IEEE Transactions on Computers

JF - IEEE Transactions on Computers

IS - 4

ER -

Cost-Effective Authentic and Anonymous Data Sharing with Forward Security

Abstract

Funding

Research Keywords

Access Output

Other Access Options

Permanent Link

Other Files and Links

Fingerprint

Cite this