Abstract
The storage of data in the cloud is critical for business and private users to protect their assets from any physically accessible and easily breakable hard disk. An important issue for cloud services is the privacy of the stored data at risk of a breach following an attack or the possibility that the cloud service provider may be tempted to sell data under their control to third parties. Therefore, we need to ensure that data we share or store in the cloud are totally protected from any intentional or unintentional security breach, whether it is related to confidentiality, integrity or authentication. In this paper, we consider the scenario of data coming from small and constrained devices to be stored in the cloud server, whereas the device owner is responsible for the authorization and management of the access control of the data requestors. After approval of the request, the owner provides a re-encryption key to the cloud server in order to make the data readable for the requestor. At no stage in the process, the server is able to retrieve the original sensor data. To guarantee optimal efficiency at the sensors’ side, the operations in the scheme are limited to symmetric key based mechanisms like xoring and encryption, as opposed to existing work where re-encryption algorithms rely on public key-based operations.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Manzoor, A., Liyanage, M., Braeken, A., Kanhere, S. S., & Ylianttila, M. (2019). Blockchain based proxy re-encryption scheme for secure IoT data sharing. In IEEE international conference on blockchain and cryptocurrency (ICBC 2019).
Al-Asli, M., Elrabaa, M. E. S., & Abu-Amara, M. (2019). FPGA-based symmetric re-encryption scheme to secure data processing for cloud-integrated internet of things. IEEE Internet of Things Journal, 6(1), 446–457.
Braeken, A., Kumar, P., & Martin, A. (2018). Efficient and provably secure key agreement for modern smart metering communications. Energies, 11, 2662. https://doi.org/10.3390/en11102662.
Patonico, S., Braeken, A., & Steenhaut, K. (2019). Identity-based and anonymous key agreement protocol for fog computing resistant in the Canetti–Krawczyk Security model. Wireless Networks. https://doi.org/10.1007/s11276-019-02084-6
Wazida, M., Dasb, A. K., Hussain, R., Succic, G., & Rodrigues, J. J. P. C. (2019). Authentication in cloud-driven IoT-based big data environment: Survey and outlook. Journal of Systems Architecture, 97, 185–196.
Shabisha, P., Braeken, A., Touhafi, A., Steenhaut, K. (2017). Elliptic curve qu-vanstone based signcryption schemes with proxy re-encryption for secure cloud data storage, cloud computing and big data: Technologies, applications and security, Lecture notes in networks and systems book series LNNS (Vol. 49, pp. 1–18).
Certicom Research. (2013). SEC4: Elliptic curve qu-vanstone implicit certificate scheme, standards for efficient cryptography group, Version 1.0.
Hankerson, D., Menezes, A. J., & Vanstone, S. (2003). Guide to elliptic curve cryptography, ISBN: 038795273X, Springer-Verlag NewYork, Inc.
Nunez, D., Agudo, I., & Lopez, J. (2017). Proxy re-encryption: Analysis of constructions and its application to secure access delegation. Journal of Network and Computer Applications, 87, 193–209.
Canetti, R., Dodis, Y., Halevi, S., Kushilevitz, E., & Sahai, A. (2000). Exposure-resilient functions and all-or-nothing transforms. In EUROCRYPT (pp. 453–469).
Syalim, A., Nishide, T., & Sakurai, K. (2017). Improved proxy re-encryption scheme for symmetric key cryptography. In International workshop on big data and information security (pp. 105–111).
Syalim, A., Nishide, T., & Sakurai, K. (2011). Realizing proxy re-encryption in the symmetric world. In International conference on informatics engineering and information science (pp. 259–274). Springer.
Nguyen, K.T., Oualha, N., & Laurent, M. (2016). Authenticated key agreement mediated by a proxy re-encryptor for the internet of things. In European symposium on research in computer security (pp. 339–358). Springer.
Nunez, D., Agudo, I., & Lopez, J. (2017). The fallout of key compromise in a proxy-mediated key agreement protocol. In 31st annual IFIP WG 11.3 conference on data and applications security and privacy (DBSec’17) (Vol. LNCS 10359, pp. 453–472).
Rubin, A.D., & Honeyman, P. (1994). Nonmonotonic cryptographic protocols. In Proceedings of the computer security foundation workshop VII, Franconia, NH, USA (pp. 100–116).
Kumar, P., Choudhury, A. J., Sain, M., Lee, S. G., & Lee, H. J. (2011). RUASN: A robust user authentication framework for wireless sensor networks. Sensors, 11(5), 5020–5046.
Braeken, A., Liyanage, M., Kumar, P., & Murphy, J. (2019). Novel 5G authentication protocol to improve the resistance against active attacks and malicious serving networks. IEEE Access, 7, 64040–64052.
Shabisha, P., Braeken, A., Kumar, P., & Steenhaut, K. (2019). Fog-orchestrated and server-controlled anonymous group authentication and key agreement. IEEE Access, 7, 150247–150261.
Acknowledgements
This work was supported in part by VLIR-UOS project : IUC 2017 Phase 3 UB.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Shabisha, P., Braeken, A. & Steenhaut, K. Symmetric Key-Based Secure Storage and Retrieval of IoT Data on a Semi-trusted Cloud Server. Wireless Pers Commun 113, 537–553 (2020). https://doi.org/10.1007/s11277-020-07230-4
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-020-07230-4