Journal of Intelligent Information Systems

https://doi.org/10.1007/s10844-022-00715-7

Design of fully homomorphic multikey encryption scheme

for secured cloud access and storage environment

Dilli Babu Salvakkam1 · Rajendra Pamula1

Received: 25 January 2022 / Revised: 20 April 2022 / Accepted: 3 May 2022

© The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2022

Abstract
Cloud hosting is a kind of storage that enables users to access, save, and manage their data
in a secure and private cloud environment. As a result of this choice, users are no longer
need to maintain and build their storage infrastructure on their computers or servers. Many
businesses are hesitant to embrace cloud storage because of the complexities of data pri-
vacy and security issues. An easy-to-use and secure method for cloud storage sharing and
data access is proposed in this study, which may be implemented quickly and easily. This
solution requires users to have a secure password and biometric data in order to function
properly. Their capacity to deceive consumers into disclosing critical information to their
service providers is the primary reason for this problem. Cloud storage systems must have
a secure framework in place in order for users to connect to and interact with one another.
Many benefits of cloud storage exist, including enabling users to store and manage their
data in a safe environment. Users can regulate and manage their data security while using
cloud storage services. While implementing a safe and authenticated data storage model,
this article addresses the different elements that must be taken into consideration. Several
procedures have been established to deal with this problem. Unfortunately, they are not suf-
ficiently secure to prevent a wide variety of security intrusions from taking place on them.
When encrypting stored cloud data, the Fully Homomorphic multikey Encryption (FHE)
algorithm is utilized. They also have a vulnerability in their protocol that makes it suscep-
tible to both user and serverside attacks. When it comes to remote access, cloud data and
data sharing between geographically dispersed devices is a reliable protocol to use.

Keywords Cloud access · Storage · Data sharing · User authentication · Fully

homomorphic multikey encryption

* Dilli Babu Salvakkam

[email protected]
Rajendra Pamula
[email protected]
1
Department of Computer Science and Engineering, Indian Institute of Technology (ISM),
Dhanbad, India

13
Vol.:(0123456789)
 Journal of Intelligent Information Systems

1 Introduction

Cloud computing is a new paradigm that enables businesses to provide their customers
with on-demand access to computing and file storage capabilities. The on-Demand Routing
protocol easy to share routes for broadcast or non-broadcast media, and it enables users to
use cloud computing services as needed without having contact between consumers and
service providers (Karati et al., 2021). Its emergence has raised concerns about privacy
and the integrity of their data. The use of server-side hardware is very cheap and easy
to provide security to cloud data. However, it is not as secure as cloud computing due to
its limited availability and resource constraints. Gaffled circuits are often used in cloud
computing. In this paper, we introduce a method for safely reusing garbled circuits for dif-
ferent inputs. In terms of cloud privacy, there are various approaches like twin cloud and
token-based cloud computing. Cloud tokenization exchange sensitive data for an irrevers-
ible, non-sensitive placeholder known as a token and securely preserving the original, sen-
sitive data. However,these methods are very hard to parallelize. For researchers, one of the
most promising approaches is FHE which is a type of Homomorphic multikey encryption
(Ghaffar et al., 2020; Zhou et al., 2019). The rapid emergence and evolution of commu-
nication and information technology have greatly changed the computational model. The
rise of cloud computing was directly caused by the changes in the computational model.
It is mainly built on the principle of distributed computing, which is a type of multi-core
computing. Due to the increasing popularity of data storage, the existing storage models
are not able to handle the influx of data. Data storage management is a set of processes i.e.,
network virtualization, replication, mirroring, security, compression, deduplication, traffic
analysis, process automation, storage provisioning and memory management to improve
the performance of data storage resources. The cloud computing provides the data storage
as a service and it deliver the on-demand access in order to eliminate buying and managing
your own data storage infrastructure. This is where the need for storage solutions comes
from. Cloud storage is a webbased data storage mechanism that allows users to store and
retrieve their data from a variety of distant servers (Ghaffar et al., 2020). Cloud storage is
becoming more popular. A third-party cloud storage provider is in charge of providing the
storage service. Users may purchase or rent the storage space that they need in order to
save their data. It is a collection of multiple storage devices and servers (Li et al., 2017)
that is known as cloud storage. Cloud storage is much more than just a storage system,
though. It is also considered to be a kind of service. Because cloud storage services are
provided by other parties, customers are not required to comprehend the numerous com-
ponents of storage devices, as well as the administration and maintenance of such devices.
They may easily take advantage of the advantages of cloud storage without the need for any
specialised knowledge or experience. Cloud storage, in addition to minimising the amount
of storage space necessary, provides a great deal of convenience to its customers as well.
When it comes to growth, cloud storage architecture makes things easier by enabling ser-
vice providers to acquire more storage servers and quickly enhance the available capacity.
The movement of the majority of the data from on-premises storage to cloud storage makes
data management much easier to handle. Using cloud storage space to migrate big amounts
of data to the cloud, businesses may save a significant amount of money by renting or
purchasing storage space from cloud providers. File versioning, automatic synchroniza-
tion, data backups, security, and scalability are some of the features of cloud storage space.
Enterprises may get the best cloud storage solution for their unique requirements with the
assistance of cloud storage service providers. It not only ensures that they get the highest

13
Journal of Intelligent Information Systems

possible quality of service, but it also helps to reduce security threats. As a result of the
benefits of cloud storage, more businesses are beginning to provide their services via the
cloud storage infrastructure. Google Drive, Microsoft’s Windows Azure, Sync, Amazon
Drive S3, Apple iCloud, MediaFire, Microsoft OneDrive, and pCloud are just a few exam-
ples of cloud storage services. The results of a poll carried out by cloud storage business
many survey revealed that just around 20% of consumers are prepared to keep confidential
data in the cloud. Even in the face of this, the vast majority of users are pleased with the
service’s dependability and overall functionality. One of the most common reasons why
consumers do not utilise cloud storage services is because of concerns about security. This
is one of the primary reasons why many people are skeptical about cloud storage systems.

2 Fully homomorphic multikey encryption security in cloud

Since the cloud storage system has various features and security concerns, it is often nec-
essary to develop and implement different solutions for different issues. This paper aims
to analyze and discuss the various security issues that cloud storage can face (Yang et al.,
2021). Due to the separation between the data management and the ownership of the stored
data, it is important that the security measures are implemented to prevent the unauthor-
ized access to the data. The use of encryption to preserve the privacy of stored data is
generally considered to be a good practise. When Alice wishes to communicate data to
Bob, she uses this encryption mechanism. The method may be used when Bob has to com-
municate information to Alice. Homomorphic multikey encryption is a key component of
cloud storagebecause it allows anyone to execute certain algebraic operations on encrypted
data, which is significant in the field of quantum computation. Unfortunately, it is not
extensively utilised in cloud storage environments at the present time (Zhu et al., 2021).
Maintaining the integrity of data saved on a cloud storage provider’s server is also a signifi-
cant concern. The Provable Data Possession (PDP) scheme is a cryptographic mechanism
that allows users to verify the availability and integrity of outsourced data on untrusted
cloud storage servers (CSS). The majority of PDP schemes are publicly verifiable, how-
ever in some applications, private verification is required to prevent the publication of any
relevant information and it is described in (Liu et al., 2021; Kaleem et al., 2021) for speci-
fications, and it lets a client to prove that the server did not tamper with or delete the data.
Their attention was drawn away from the problem of data updating in real time. Essentially,
the idea behind this strategy is to ensure that the data saved in the cloud is not tampered
with. This can only be accomplished via the use of dynamic data updates. Data sharing has
become more popular among cloud service providers as a result of the growing number of
situations in which it is necessary. It is a secure way of information transmission cloud data
sharing method and provides ubiquitous access i.e., may access the data anywhere using
network devices. An international team of academics suggested a solution for securing sen-
sitive data using an elliptic curve encryption system in 2010.
This article covers cloud storage data access and sharing technologies in depth. There
are three key components involved: a server, a user, and a third-party that has been vet-
ted by the organisation, in that order. Initially, the system creates the global parameter KG
for the system. To utilise the cloud storage service (Rawal & Vivek, 2017), the user needs
first create an account with the CS. Accessed data cannot be accessed by an attacker over
the public channel, on the other hand. The purpose of this article is to present the security
standards that must be met by cloud storage services.

13
 Journal of Intelligent Information Systems

Fig. 1  Fully homomorphic multikey encryption security requirements

Table 1  List of notations

FHE Fully Homomorphic Encryption, a trusted third party
CUBIOa Cloud User Bio-metric information of Sa
TCS Server of the Trusted cloud storage provider
Gen Λ generator of Zq∗
x1(⋅)x2(⋅) Function {0, 1}* to Zq∗ to calculate Hash
CU/Di identity of Cloud User CU _a
CUPWa Password of ­CUa
n Λ large prime number
CS Cloud Server
CUa,CUb The a th and b th Cloud user

2.1 Homomorphic multikey security requirements in cloud storage and data access

In order for the user to have access to the TCS after being authorised, the user authentica-
tion scheme must be applied (Albrecht et al., 2019). Depending on his or her preferences,
the user may personalise their passwords. In schemes saves the user’s time and aids in the
prevention of unauthorized access.

2.2 Mathematical background

Definition 1 The following properties are followed when ordering the elements in
𝔾.{𝔾, ⋅} (Fig. 1 and Table 1)

A group 𝔾 has a set of elements that have a binary operation 𝔾. {𝔾, ⋅}.

(a). Closure Property: The closure property of x,y provides with only one unique answer
after adding or multiply in same 𝔾.

13
Journal of Intelligent Information Systems

(b). The Associative Property: The property’s Associative Properties are defined as if
x,y,z are all in 𝔾.x ⋅ (y ⋅ z) = (x ⋅ y) ⋅ z , where ∀x,y, and z in 𝔾
(c). An identity property is a unique element that can be used to identify a specific ele-
ment. x ⋅ e = e ⋅ x = x,y ⋅ e = e ⋅ y = y,z ⋅ e = e ⋅ z = z.
(d). Inverse element: For any x∈ 𝔾, there is an element x ⋅ x� = and x� ⋅ x = e.

2.3 Homomorphism in public key crypto system

Four parties are involved in this data exchange and access system, which is described in
this section. In this scenario, there are four parties involved: the user; the system adminis-
trator; the data sharing scheme; and the fuzzy extraction algorithm. When given a specific
input, fuzzy extractors are a biometric tool that enables for user authentication by employ-
ing a biometric template created from the user’s biometric data as the key, with predictabil-
ity indicating the likelihood of an attacker guessing the secret key and it is a process that
can consistently extract uniform randomness from it. It is also error-tolerant in the event
that the input is changed. Generation (Gen) is a technique that generates a biometric input
string from which an extracted string may be generated. If the input string is not supplied,
it will be outputted as an auxiliary string until otherwise specified. It is possible to retrieve
V from the auxiliary string U and the vector CUBIO′ prime that is near to U using this
technique.

• RSA cryptosystem:
e
( ) (E(x)) = xe modm ( )e ( )
E x1 ⋅ E x2 = x1 x2e modm = x1 x2 modm = E x1 ⋅ x2

• Paillier Cryptosystem
( )
Encrypt (m;CUPK) = gMsg ⋅ rn modn2 ( )n
c1 ⋅ c2 = gm1 ⋅ r1n ⋅ gm2 ⋅ r2n = gm1 +m2 ⋅ r1 ⋅ r2 modn2 = c3

• ElGamal Encryption
E ∶ Gq → Gq × Gq
r r
( ) ( ) = ((g r, m ∗ h ) r )( r
E(m) )
E m1 ∗ E m2 = (g , m1 ∗ h 1 g 2 , m2 ∗)hr2
1

= g(r1 +r2 , m1 )∗ m2 ∗ hr1 +r2

= E m1 ∗ m2

2.4 The proposed scheme FHE preliminaries

This algorithm generates a list of parameters that are used in HE algorithms. It takes the
desired security level and outputs it as an input.
ParamGen (𝜆, PT, K, B) → Params
This document only describes the underlying plaintext space of a parametrized format.
It does not specify the type of approximate numbers that can be used in the space.

13
 Journal of Intelligent Information Systems

V1 , … , VK + V1� , … , VK� = V1 + V1� , … , VK + VK�

( ) ( ) ( )

The encryption of a message is performed by parametrizing the digits with the plaintext
space Zp. The message space is an integer that is equal to the range [0,1023).
PubKeygen(Params) → SK, CUPK, EK

The extension rings and fields are parameterized by modulus p, and they are also specified
by a polynomial f(x), which is equal to the plaintext space Z[x].
SecKeygen(Params) → SK, EK

The dimension of the encrypted vectors is defined as the space where the messages are
encrypted which is used to prevent a series of text that is identical to a prior sequence from
creating the same exact ciphertext when encrypted by using a continuously changing integer
in combination with a secret key. It is usually computed by defintion, which is the operation
that is performed component-wise.
PubEncrypt (CUPK, Msg) → C

As per the external sources, auxiliary parameter acts like supplementary which is used to
encrypt the messages for the secure transmission. The auxiliary parameter B is used to specify
the complexity of the programs and circuits that can be used to carry out encrypted messages.
Generally, lower-complex programs and circuits are more efficient in their evaluation.
SecEncrypt(SK, M) → C
Decrypt(SK, C) → Msg

A fuzzy extractor is a set of procedures that can reliably extract random bits from a
given input. It is usually not error-tolerant if the input changes. Gen is a probabilistic gen-
erator procedure that outputs an extracted string from a biometric input which is get from
the biometric characteristics that are acquired applying adequate sensors to extract biomet-
ric template in an enrolment
( process.) It does so by extracting the specified string from the
CUBIO distribution. Rep FHE� , P = Q if CUBIO′ is reasonably close to CUBIO.
FHE distribution on M with min randomness m, the distribution’s randomness is
equal to the sum of the digits of the operation name. Gen is a cyclic generation proce-
dure Gen(CUBIO) = (R,P) that takes advantage of the input of Biometric input. It outputs
an extracted string. Rep is a procedure that returns V from the string U and ( the vector
CUBIO′. The CUBIO, CUBIO� ∈ M does so by converting the data pair CUBIO′ to
( ) )

Q.KG chooses the system’s global parameter q, and then generates public and private key
pairs with a large prime number z−q.
( ka
)
(HSKa = ka , CUPKa = gk modn),
(HSKb = kb , CUPKb = gk modn) and
b

HSKc = kc , CUPKc = g c modn forCUa , CUb andTCS

2.5 Preliminaries

A fuzzy extractor is a procedure that can extract almost uniform randomness from a biom-
etric input. It is error-tolerant if the input changes or the output is not sufficiently close to
the original one.

13
Journal of Intelligent Information Systems

1. Gen is a probabilistic generator that outputs an extractable string containing a biometric

input as Gen(CUBIO) = (Q,P).

For any distribution of m, if the generating function Gen(CUBIO) = (Q,P), then ran-
domness collected the operator and the string is equal to the sum of the distributions CUl.

2. The Repoperator FHE, CUBIO� ∈ M is a predictable mechanism that allows for

( )

the recovery of information V concerning the U string DIS CUBIO, CUBIO′ ≤ t , if

( )

Gen(CUBIO) = (Q,P) and the CUBIO’prime vector close to V.

2.6 System initialization phase

The first parameter KG chooses x1 ∶ {0, 1}∗ → {0, 1}n , x2 ∶ {0, 1}∗ → Za∗. At
last, KG is the global parameter q, and the second one ( is the generator g. kThen, )it
chooses hash functions h1 : 1,1,1,1 *, and q public HSKa = ka , CUPK) a = g modn ,
a

HSKb = kb , CUPKb = g modn and HSKc = kc , CUPKc = g modn for CUa,CUb.

( kb
) ( kc

CUPK distribute the public and private key pairs to the parties involved (Fig. 2).

3 Cloud server and user mutual authentication scheme for secured

storage and access

There are some processes that must be completed in order to safeguard data access in
diverse applications: user registration, authentication, and password changing. The steps of
the user authentication procedure are shown in this session.

3.1 Cloud user registration phase

In order to make advantage of the cloud storage service offered by TCS, users must first
create an Registration. This step is required to check that the user has been granted permis-
sion to access the service. When it comes to establishing trust, both sides must verify their
communications with one another. In this case, the user CUa sends a registration request
to server TCS after forming a CS account and choosing an identity CIDi for themselves.
It is regulated by TCS to save the information about the user Qi on a mobile device, then
securely communicates the information ( to Ui.) Following that, CUa selects a password that
is evenly spread across the system CUPWi . She also leaves a trace of her Bioi on the
sensor, which may be detected. In the next phase, the variables Y i,Mi,Ni,It,h(),Gen(), and
Rep() are inserted into a device with the values they represent.
Step 1: The Cloud Server CUa selects and inputs the identity and password of the user.
The biometric template created by the fuzzy extractor is subsequently imprinted on the
(Cloud Server. ) C transfers the variable Ai via a secure channel and saves the parameters
g, h1, andba in the Cloud Server’s memory.
Step 2: CS sends Ai = h1left,Bi = h1left, and submits the parameters through a secure
channel.

13
 Journal of Intelligent Information Systems

Fig. 2  Cloud user and Server transaction phases with FHE authentication mechanism for to provide safe
data access

( )
FHERPW
( )a = (h b ∥ CUPW
) a
Gen Bioa = 𝜎a , 𝜏a ( )
Na = R(a ⊕ h 𝜎a ∥ FHERPWa ∥ b )
Msga = h b ∥(IDa ∥ FHERPWa ∥ )𝜎a ∥ Ra
Na = b ⊕ h IDa ∥ CUPWa ∥ 𝜎a
Cloud User Initial Login and 𝐀
ceess

3.2 Cloud user initial login and authentication protocol

In order to build confidence between the Data User and the Cloud Service Provider, these
two parties must first authenticate one another. Babu et al. protocol is a cryptographic sys-
tem using Blockchain based authentication that may be employed with or without a smart
card, depending on the condition. Cryptography is an integral part of the inner-workings
of blockchain technology and it provide the trait of immutability and improve the secu-
rity, scalability, reliability. Here, a registered user CUi authenticates himself or herself by
inputting the card reader and biometric sensor credentials into the appropriate fields. Ui is
subjected to biometric scanning in order to determine the user’s physical characteristics. Ui

13
Journal of Intelligent Information Systems

then authenticates by entering the credentials IDi, PWi, and ­BIOa into the authentication
dialogue box. After that, the smart card creates a cancelable fingerprint C0T I, which is
subsequently retrieved using error-correcting techniques. SCi determines if h(r0i) equals h.
(ri). If it fails to do so, the session is terminated without further delay.
Step 1: CUa inputs CUIDi and CUPWi in the login screen. The Cloud Server then cal-
culates the number of sessions computed by the Cloud Server. If it is equal, the session is
ended.
If the identity CUIDi is valid, TCS checks if the number Baprime is equal to the one pro-
vided by the user. It is ignored if the two numbers are not equal in size.
Step 2:(If the identity ) CUID i is valid, TCS checks if the request is equal. If it is
BIO�a = x1 CSIDi ∥ kc , it rejects the login request.
Step 3: Va sends the TCS authentication message to the Upi. If the session is ended,
then the cloud user can verify ( the authentication
) � of the ( TCS by CUpi. CU� )a computes
∥ Fa ∥ HSK .
r
GRP�a = Faa modN, HSK �
= x 1 CSIDi ∥ GRP �
a) , Xa = x 1 Ba{∥ Da }
� and submits Msg
3 to TCS.
(
Msg3 = x1 CSIDi ∥ Ba ∥ Da ∥ Fa ∥ HSK
Step 4: CS(computes Msg�3 = h(CUIDi) B)�a (CUIDi).
( )
?
Msg�3 = x1 CSIDi ∥ B�a ∥ Da ∥ Fa ∥ HSK , and checks Msg�3 = Msg3.
CUa and TCS For these secret communications, the two parties share a session key
HSK = x1 (CSIDi ∥ gra rc modN).

3.3 Password change phase

The CUa user may make changes to his or her passwords without the assis-
tance of the cloud storage service provider. In order to do this, the user must suc-
cessfully enter the passwords and imprint the data on the screen. CUBIO′a. The
Cloud Server checks) the computed Va� (= h1 left > )to verify( the user’s identity.
Va� = Rep CUBIO�a , Pa , FHERPWa� = x1 R�a ∥ CUPWa , A�a = x1 CSIDi ∥ FHERPWa� ,
( )
?
and checks A�a = Aa. If the passwords CUPWanew are not equal, the Cloud Server
will terminate the password change request. The user is asked to enter a new pass-
word. The Cloud Server will also replace the
) existing ( passwords with new new
ones. ,
( )
FHERPWanew = x1 R�a ∥ CUPWanew , Anew
a = x 1 CSIDi ∥ FHERPW a
Canew = Ca ⊕ FHERPWa� ⊕ FHERPWanew, and replaces Aa and Ca with Anewa
and Ca
new.

3.4 Storage and access in cloud

This section describes a secure data sharing scheme that enables users to store and share
their data m ∈ Zq∗ in cloud storage. For a user CUa, sends data to the receiver the scheme
requires that he or she register with the cloud storage provider.
Step 1: The user CUa generates a random number that’s 𝛼 ∈ Za∗, and stores it as the
encrypted data of m on the device me = m ⋅ gα. CUPKa2 modq, mV = x1 gMsg modN .
x (CSIDi∣𝛼) ( )

In order to get the original data, user authenticates and obtains the original data stored on
the server TCS.
Then, after storing the random number a *, the device stores the encrypted data
)−k of m *
as well as the original data. When he wants to recover m = me ⋅ g−𝛼 ⋅ gx2 (CSIDi∥𝛼) a modN
(

the( original data,

) ? he authenticates and retrieves the data whether m is valid by checking
x1 gMsg modN = mV .
Step 2: The receiving user then submits CUblogin to CS a data sharing request from CUa.

13
 Journal of Intelligent Information Systems

Step 3: Login of Ua generates two random numbers

� −rc�
Vb = grb modN.Rc = grc modN, m∗c = CUPKc
−r −x (CSIDi∣𝛼)
⋅ g−𝛼 modN, m∗b = CUPKb b CUPKa 2 mod N. and r b , rc� ∈ Zc∗.
Now Computes CUa submits (CSIDj, R(c , m∗c ) to TCS, and submits to CU .
( ∗
)
R b , mb b
Step (4: After)receiving the message Rc , m∗c , CS computes mc = me. m∗c ⋅ Rcc modN, and
) k

submits mc , mV to the user CUb sends the message to the user.

Step 5: When receiving the message, enter username and
) the(shared )message m is
obtained by calculating the sum of the two numbers. Rb , mb and mc , mV , CUb obtains
(

the shared data m by computing mb = mc ⋅ m∗b. Rbb modN(, and the validity of data
k
?
mx1 (g modN) = mV validate that to receive the data. Store me , mV ← 2.(CSIDi, CSIDj ,
m b

Request ) (CSID j, Q_

4 Random oracle model (ROM) and BAN logic for formal security
analysis and verification

In this study, we explain the notion of safe data storage and access using BAN logic, a for-
mal technique. This technique accomplishes the aims of data protection for the user.
P believes that X is true.

(1) U believes M is true, i.e. U∣ ≡ X : U believes M

(2) Someone sent a message which contains M to U, and U can read X. i.e. U ⊲ X : U sees
M
  This function returns the message containing M once sent.
(3) An earlier iteration of U delivered a message with M attached, i.e. U ∣∼ X ∶ U once
said M
(4) M is subject to the jurisdiction of entity U, and U is trusted for M, i.e. U ⇒ X: U con-
trols M
  Since the present round of protocol, no entity has sent a message containing M.
(5) No entity sent a message containing M at any time before the current round of protocol,
i.e. #(M)
𝜅
: M is fresh
(6) U ⟷ V ∶ U and V the two users and the server may interact with one another through
the shared key K, where K is said to be more secure if no other entity can get it except
for U,V and the entity trusted by U,V.
  Rule 1 Message means that if U believes that he/she shares the key K with V, then
U should believe that V once said M.
(7) (M,N) : M and N are components of the message (M,N).
(8) {M,N}K : M and N are encrypted using the key K.
(9) (M,N)K : Using the key K,M and N are hashed together.

Goal 1: CUa ∣≡ Ua ⟷ ( HSKCS .

( )

Goal 2: CUa | ≡( CS| ≡ Ua ⟷)HSKCS .

)

Goal 3: CS ∣≡ Ua ⟷( HSKCS .
Goal 4: CS||≡ CUa || ≡ Ua ⟷ HSKCS .
)

Rule 1: Message meaning rule: Message means that if a person believes that he/she has
a key K, then he/she should see the message XK.
sees the message {X}K,U believes that V once said M.
Rule 2: Nonce verification rule: If U believes that M is fresh and V once said M, then
U believes that M.

13
Journal of Intelligent Information Systems

P|≡#(X),P|=Q∣∼
, if U believes M is fresh and V once said X,U believes V believes M.
̄
P|IQ|≡X
Rule 3: Jurisdiction rule: If V believes that it has jurisdiction over M, then it should
believe that it has jurisdiction over M.
P∣≡X, if U believes that V had jurisdiction right to M and believes V believes X,U
believes M.
Rule 4: Freshness rule:
P ∣= #(X), If message (M,N) contains message M, then message (M,N) must be fresh
P∣=#(M,N)
as well.
Rule 5: Belief rule: If U believes that the message is clear and unambiguous (M,N),
then U believes that the message is clear and unambiguous (X).
P| = Q| ≡ (M, N)

Rule 6: Seeing rule: dPXX , M is a part of the message (M,N), and if U sees (M,N),U
P (M,N)

also sees M.
Before the formal analysis, the two parties such as Data user and cloud service pro-
viders should first communicate the messages that they exchanged, first assume that the
two parties are communicating through normal SMS messages.
The validity of A1 and A2 depends on the random numbers generated by ra and rc,
which are both fresh random numbers.
A1 and A2 are valid since ra and rc random numbers produced by CUa and TCS to
put it another way, because of the freshness in both ra and rc, A3 and A4 are reasonable
choices. Using the device’s information and the server’s identification, the user may
derive the secret key. A logical assumption is that the user’s identity ( and Cloud
) Server
information is known. User CUa and server TCS can calculate x1 CSIDi ∣ kc from the
Cloud Server information and the secret key kc′′ and user’s identification, and A5 and A′′6
are also reasonable.”
In this paper, we prove that a proposed protocol can meet the goals of its intended
users. We provide a detailed description of the proposed protocol.
S1 ∶ CUa | ≡ CS| ∼ Da , Fa , CUa ⟷ HSKCS We use the freshnessconjuncatenation
( )

rule when it comes ( to selecting fresh produce.

S2 ∶ CUa ∣≡ # Da , Fa , CUa ⟷ HSKCS based on the premise of S3 and S4, the
)

nonce-verification rule(is used in order to get the ) result.

S3 ∶ CUa | ≡ CS| ≡ Da , Fa , CUa ⟷ HSKCS based on the premise of S5, we use the
belief rule in order to attain our goals. )
S4 ∶ CUa | ≡ CS| ≡ Ua ⟷ HSKCS (Goal 2). based on the premise of A7 and S6, we
(

apply jurisdiction
( rule for the belief
) rule in order to attain our goals.
S5 ∶ CUa ∣≡ Ua ⟷ HSKCS (Goal 1) based on the premise of message 3 , we can
get
S6 ∶ CS ⊲ CSIDi, CDa , Fa , CUa ⟷ HSKCS x (CSIDi∥k ) based on the premise of S8
( )
1 c
and A6, we employ the( message meaning for belief rule )in order to attain our goals
S7 ∶ CS||≡ CUa || ∼ CSIDi, CDa , Fa , CUa ⟷ HSKCS . based on the premise of A4,
we apply freshness-conjuncatenation belief rule in
) order to attain our goals
S8 ∶ CS ∣≡ # CSIDi, CDa , Fa , CUa ⟷ HSKCS based on the premise of S9 and S10,
(

we apply nonce-verification for belief rule in order to attain

) our goals
S9 ∶ CS||≡ CUa || ≡ CSIDi, CDa , Fa , CUa ⟷ HSKCS based on the premise of S11, we
(

apply belief rule to obtain

13
 Journal of Intelligent Information Systems

S10 ∶ CS||≡ CUa || ≡ Ua ⟷ HSKCS (Goal 4) based on the premise of A8

( )

and S12, we( apply jurisdiction to use the belief rule in order to attain our goals
S13 ∶ CS ∣≡ Ua ⟷ HSKCS (Goal 3) The many security measures of the proposal are
)

discussed in detail in this section.

4.1 Random oracle model (ROM)

The Random Oracle Model was used for our formal security analysis. The random-oracle
model (ROM) used for designing and analysing cryptographic protocols. It gives random
functions that would undoubtedly create excellent cryptographic hash functions and secu-
rity proofs for extremely practical constructions of crucial cryptographic building blocks
like digital signatures, public-key encryption, and key exchange. It is commonly regarded as
strong evidence that a protocol would withstand assaults in practise, despite its recognised
inability to provide verifiable assurances when instantiated with a real-world hash function.
This framework offers a simple and effective security paradigm for our proposed solution.
We validate the ROM scheme’s security and privacy and use the same security model.

Theorem 1 An adversary UA can execute multiple oracle queries with execution time of
less than 2 minutes. The adversary can break the security of Urp by using the hash function
h(cdot). P denotes the protocol’s correctness. D denotes the password dictionary. If the Urp
protocol is not followed, then the query will be executed by an adversary.
� N�
AdvtPAKE
( )
,D UA ≤ M ⋅ qs + 𝜖(w)
p

where M ′ and N / are the security parameter and trivial function of Zipf.

Proof In every game,

[ ] the Test query 0 to Game 1 − 6 is used to guess the correct bit. The
result Sa and Ur Sa is presented as the probability of the chosen bit being correct. The
game is offered as Sa and Ur left.

AdvtPAKE
( ) [ ]
rp,D UA = Pr S0

Game 1: This game shows how to establish a hash list h(cdot) with a secure hash
function.
| [ ] [ ]|
|Pr S1 − Pr S0 | ≤ 𝜖(w)
| |
Game 2: Collisions have been ruled out in all possible sessions. The game will be ter-
minated if there is a collision.
| [ ] [ ]|
|Pr S2 − Pr S1 | ≤ 𝜖(w)
| |
Game 3: The game’s simulation rules have been altered using the execute query. For
example, the way private key sessions are calculated has been altered. If an attacker
properly calculates XCS during the passive session UA, may get the difference between
Games 2 and 3 . To solve the task, we need to select some numbers randomly ra1,rcs1,

13
Journal of Intelligent Information Systems

and rcs2ra1,rcs1,ra2 and rcs2 and compute TSk = rcs2Xa and TSk = ra2 Xcs ⋅ UA can make a
query Xcs,Ncs,Tcs to hash oracle.
| [ ] [ ]|
|Pr S3 − Pr S2 | ≤ 𝜖(w)
| |
Game 4: In this Game, we are going to use the query method used to active session
UA determines the authenticated Xcs to masquerade AUa.
This ( rule is assigned with the following) responsibilities: To Calculate
?
Ncs = x1 CUIDa ∥ CUIDs ∥ Xa ∥ Xa� ∥ Ta ∥ {Tcs ∥ Tsk and determines � =N
Ncs cs
If this is correct, then CS predicts a list. PCUIDa, Xa∗ , Na , Ta presented in Lhs.. This
}

method is computed by calculating the valid Xcss to disguise the query (Table 2).
| [ ] [ ]|
|Pr S4 − Pr S3 | ≤ 𝜖(w)
| |
Game 5: The game’s active session is used to query. This game will be aborted if the
query succeeds and finds the record leftXcs.
| [ ] [ ]|
|Pr S5 − Pr S4 | ≤ 𝜖(w)
| |
Game 6: The session key is chosen at random in this game. Sk of AAa and CS. The
advantage of Ua is negligible to guess the session key
| [ ]| �
|Pr S6 | ≤ M � ⋅ qNs
�
| ( )|
AdvtPAKE,D
UA ≤ M � ⋅ qNs + 𝜖(w)
rp

It can be performed within polynomial time. For the algorithm’s implementation, we

need to know the self-reducibility AdvCDH,Prp (C) of the problem. Because of its diffi-
culty, the CDH problem is viewed as infeasible in polynomial time and hence as infeasi-
ble. [ (It has been shown that
[ ( the theorem ] is accurate.
=∣ Pr C P, ra2 P, cupkcs , ra2 cupkcs = 1 − Pr C P, rcs , rcs2 P skcs = 1 , where skcs is a
) ] )

fixed value.
Now, TestAnon
[ ( ) ]
AdvCDH,Prp (C) ≥∣ Pr TextAnon cCUIDCc , cCUIDcj = 1 − Pr[
cidC , cidkC = 1 ∣.
( c ) ]

5 Security and performance evaluation

The different security characteristics of a suggested user authentication mechanism are

presented in this section.

Table 2  Specifications for Items Specifications

implementation
Windows Windows 10
Processor 3.60GHz
Hardware core i7
Online cloud server PythonAnywhere
Language python

13
 Journal of Intelligent Information Systems

5.1 User friendly

The user can freely choose the username and passwords for secure data access. To
update the passwords CUa inputs CSIDa and CUPWa, the user needs to input the data
required to create the new password, Va′ according to CUBIO′a and Ua, and computes
FHERPW_{a }ˆ {∖prime } , A _ { a } ˆ {∖prime }∖text { and the Cloud Server will }
reproduce the data.
?
After verifying the validity of the user’s identity A�a = Aa , password and biomet-
ric, the Cloud Server sends a message _anew to compute FHERPWanew , Anew new , and
a , Ca
replaces Aa and Ca with Aa and Ca to the mobile app to reset the passwords. Once
new new

this is accomplished, the user will be able to change his or her password without having
to contact the cloud storage service provider.

5.2 Safeguard against a stolen verifier attack

Specifically, the suggested approach offers a way of mutual authentication between

a cloud storage provider and its user. There is a reliance on the shared secret knowl-
edge x1 (CSIDillkc) for the approach to work.( Utilizing )the information supplied by the
Cloud Server, CUa can extract the value x1 CSIDi ∥ kc , which can then be calculated
by TCS by using CUa ’s identity CSIDi and the secret key kc provided by the Cloud
Server. When the cloud storage provider accesses the Cloud Server, they will be able to
extract the value of the secret information.

5.3 Efficient wrong password detection

The proposed method will allow the Cloud Server to quickly identify the unauthorized
access by the user when they input a wrong password. This method will prevent the
cloud storage provider from checking the credentials of the users.
In the login phase, Uz authenticates CUa inputs CSIDi and imprints the biomet-
ric CUBIO′a by using the fingerprint CUBIO I prime on the Cloud Server. CUa inputs
a wrong password CUPWa∗ ≠ CUPWa by mistake. Then, the Cloud Server computes
( )
( ) ( )( ( )
Va� = Rep CUBIO�a(, Pa , FHERPWa� = x1 R�a ∥)CUPWa∗( ≠ x1 Ra ∥ CUPWa = FHERPW a
)
, and it is obvious
that A�a = x1 CSIDi ∥ FHERPWa� ≠ x1 CSIDi ∥ FHERPWa� = Aa . Then, the device
)

computes the incorrect Vi * left = operatornameCUBIOprime.

5.4 Resist replay attack without use of clock synchronization

The goal of this proposed scheme is to prevent replay attack by generating a random
number and a timestamp for each session. This method will prevent the attackers from
accessing the synchronized clocks of all the entities in the network.

13
Journal of Intelligent Information Systems

5.5 Authentication process and session key agreement

In terms of security, both authentication process and session key agreement are regarded
to be among the most important factors to consider. At first, the authentication process
request
Msg1 = CSIDi, Da , Ea from CUa,CS computes B�a = x1 CSIDi ∥ kc , Ea� = x1 CSIDi ∥ B�a ∥ Da ,
{ } ( ) ( )
?
the user can verify the validity Ea = Ea of their request by checking the box labeled “E
�

i prime?”
Next, the recipient receives from CS,CUa ) computes
{ }
Msg2) = Fa , X(a
,
r (
GRP�a = Faa modN, HSK � = x1 CSIDi ∥ GRP�a , Xa� = x1 Ba ∥ Da ∥ Fa ∥ HSK �
and can authenticate TCS by checking Xa� = Xa the response message Msg2 =
leftFi right from TCS. When receiving {a mutual } authentication message, TCS will
ignore the( M3prime value and verify ) Msg3 from CUa in step 4, it computes
Msg�3 = x1 CSIDi ∥ B�a ∥ Da ∥ Fa ∥ HSK , and can verify the validity of CUa by check-
?
ing Msg�3 = Msg3 the validity of the message. The proposed scheme enables the user
to authenticate with the cloud storage provider through a mutual authentication. The
session key HSK = x1 (CSIDi ∥ gra rc modN) As an additional step to the mutual authen-
tication, which incorporates both ra and rc from each of the two member organizations,
the cloud storage provider computes the information that a user provides to them using
random numbers obtained after the mutual authentication, which is carried out by the
cloud storage provider after the mutual authentication, and this is carried out by the
cloud storage provider afterwards

5.6 Violation of user anonymity

The identity CUIDA of AU⊣ is not sent in plain text CUIDa. However, UCUID a = CUID a
⊕ Xa. This is done via the use of a secret channel to deliver the results of the calculation to
a private key termed CS, which is encrypted. The CUIDa, in addition, can only be created
by the authorised CS that is used to authenticate users, and it is not made accessible to the
public.

5.7 Resist impersonation attack

In order to be successful in impersonating the user CUa, the attacker must first provide a
legitimate username and email address into the system. The attacker must next generate
a fake login request message
{ using the user’s email address as a starting point, and send
it to the victim. Msg∗1 (= CSIDi, D)∗a , Ea∗ and a valid response Msg∗3. User
( also know) the
}

Cloud Server’s Ba = h CSIDi ∥ rc . Since rc is and the user’s response h CSIDi ∥ rc An

attacker needs to know the Cloud Server’s details to carry out an attack. However, since
the device’s details are only known to the network’s random number, the attacker would be
unable to get them.

13
 Journal of Intelligent Information Systems

6 Cloud storage and data sharing security

This section is applicable to the proposed data sharing scheme.

6.1 Confidentiality

With our data sharing system, users can be certain that your information is com-
pletely safe and secure, Ui stores the encrypted data of m in its leftm _e,mV right, and
{it uses }the random number alphain Zq * to determine the original m.m,CUa stores
me , mV as the encrypted data of m on ( TCS, where 𝛼 ∈ Zq
∗ is a random number,

modN, mV = x1 gMsg modN . The Trusted Cloud Storage

x (CSIDi∣𝛼) )
me = m ⋅ g𝛼 ⋅ CUPKa2
(TCS) Provider allows holistic security and serves as a reference point for users which is
used to identify cloud providers that are aligned with their security requirements. Because
TCS cannot estimate the original m without knowing the random number α. The hardness
of finding discrete logarithms depends on the groups i.e., if the polynomial-time based on
few groups means then it is easily finding the solution O (n) but the large number group
means the complexity is much harder O (log k (n)).

6.2 Correctness

Users’ personal information may be retrieved by accessing the shared data m when the data
k
mb = mc ⋅ m∗b ⋅ Rbb modq
� � �
k −r � k
= me ⋅ m∗c ⋅ Rc c ⋅ CUPKb b ⋅ CUPK−x 2 (CSIDi‖𝛼) ⋅ R b modq
�� � a −r �
� b
� �
k −r � k
m ⋅ g𝛼 ⋅ CUPKxa 2 (CSIDi ∣ 𝛼) ⋅ CUPK c c ⋅g−𝛼 ⋅ Rc c ⋅ CUPKb b ⋅ CUPK a−xa (CSIDi ∣ 𝛼) ⋅ Rbb modq
�
=
−r� k −r k
= m ⋅ g𝛼 ⋅ CUPKxa 2 (CSIDi‖𝛼) ⋅ CUPKc c ⋅ g−𝛼 ⋅ Rc c ⋅ CUPKb b ⋅ CUPK −x
a
2
(CSIDi ‖𝛼) ⋅ Rbb modq
−r� k k
= m⋅ CUPKc c ⋅ Rc c ⋅ CUPK−rb
b ⋅ Rbb modq
r� rc k −r
= m⋅ CUPKcc cr c c ⋅ CUPKb b ⋅ grbk kkb modq
(1)
sharing scheme is configured properly and the scheme is implemented correctly.

6.3 Verifiable

When Ui Before obtaining the original data, one must first authenticate{ with the } C before
obtaining it. leftm _e, which will allow him to recover m. TCS and gets)−k e V , The user
m , m
may then devise a strategy for retrieving the m. me ⋅ g−𝛼 ⋅ gx2 (CSIDi∥𝛼) a modN, addition-
(

ally,
( the correctness
) ? of the data m may be verified by the use of a verification technique.
x1 gMsg modN = mV . When the user obtains Ui ’s shared data, he can verify its validity
by checking the validity of the data by checking h1 left (gleft ). Similarity, when the user
obtains a certain amount of data, he or she can check the validity of the data by checking
the h1.

6.4 Non‑transferable

According to the recommended strategy, it is possible that the user (CUl will ) get(permis-)
sion to share data from the user CUb. This is taken into consideration Rb , m∗b and mc , mV

13
Journal of Intelligent Information Systems

from CUa and TCS who gets the data sharing permission of Ul is the one who needs to
know the secret key kb of CUb, where kb of the Uj to recover the original data. This scheme
prevents the unauthorized transfer of the data sharing permission of Uj. It is necessary to
recover the original data (Table 3).

7 Proposed FHE scheme experimental analysis

Using Table-3 can calculate the time required to store the data during the data storage
phase. When it comes to secure data access, time cost of hash operation and modular inver-
sion refer to the parts of the process that require the usage of hash operations. When it
comes to authentication and login phases, both the user and the storage provider needs 2Te
+ 6Th for every session.

7.1 Theoretical analysis

Furthermore, the performance of our plan has been evaluated in relation to a number
of other comparable schemes using the AVISPA tool. Automated Validation of Inter-
net Security Protocols and Applications (AVISPA) is a push-button tool that provides
a modular and expressive formal language for describing protocols and their security
features. The various benefits of this tool include the ability to integrate various back
ends in order to execute a number of automatic analytic methodologies. It has a great
level of scalability and robustness. The AVISPA tool is a commonly used security veri-
fication tool that may be used to test a broad range of Internet Protocols and Applica-
tions, including, but not limited to, the HTTP and HTTPS protocols. The HTTP proto-
col for transfer hypertext over the Internet, whereas HTTPS is an extension of HTTP
(HTTP). HTTP has been the most extensively used protocol for data transfer over the
Web due to its simplicity. It operates at the application layer, while HTTPS is used for
secure communication, which is a communication protocol that uses Transport Layer
Security to encrypt data. It is also utilized to verify the security of our scheme’s secu-
rity measures AVISPA has four rear ends, which are as follows: There are four types
of model verifiers: 1) on-the-fly model verifier, 2) Constraint-Logic attack searcher,
3) SAT-based model verifier, and 4) Tree Automata. All of the players’ responsi-
bilities are depicted as fundamental roles in this diagram. The composition roles are
also referred to as composition roles in this document. A threat model, developed by
DolevYoo, is used to predict the behavior of the attacker. The HLPSL2IF security

Table 3  Time complexity Function Name Notation Used Time (in ms)

Bilinear pairing Tbp 0.0045

ECC point multiplication Tecm 0.0171
Fuzzy extractor function Tfe 0.0171
Hash function Th 0.00032
Modular inverse Tinv 0.00004275
Modular multiplication Tm 0.00001425
Symmetric encryption/decryption Tsym 0.0056

13
 Journal of Intelligent Information Systems

protocol combines an Intermediate Form and an output format that is used to construct
a security protocol. If a protocol fails, the attack trail of the failed protocol is included
in the OF if the protocol is unsafe. Also included in this program is a display of over-
all operation statistics (OI). Specifically, simulation results for the different rear ends
of the proposed method were left out of the paper. In addition, the fundamental roles
for the different users were established. It is possible to layer the AVISPA and HLPSL
implementations on top of one another. Ensuring the HLPSL implementation is done
correctly will help guarantee that the security protocol can achieve a particular state.
For the execution test, the scheme is carried out in batches and consists of several
model checking sessions that are carried out simultaneously. The suggested technique
enables authorized agents to carry out a given procedure while also searching for and
identifying a passive intruder. This scheme is calculated using the OFMC and CL-AtSe
back ends, which are both open source. The scheme is found in around 0.35 seconds
after being searched. The depth of the network is around seven plies, and the number
of visited nodes is approximately 128.

7.2 Computational complexity

We have computed the computational complexity Th of the various schemes and cryp-
tographic operations that we have used Tpm. The time necessary to do It takes 0.000732
ms to do a hash operation, whereas it takes 0.002975ms to calculate the result of point
multiplication. ms. For calculating the computational complexity of this scheme, we
have considered the various hash Th functions that are involved in its operation. The
time required for calculating the operation’s duration and the number of operations
performed are computed in the following tables. Results shows (Figs. 3 and 4, Table 4)

Fig. 3  AVISPA architecture

13
Journal of Intelligent Information Systems

Fig. 4  After other factors, computational overhead

Table 4  Computational overhead Protocols Time (in ms) Operations Performed

[10] 0.0349ms 17Th + 7Tpm

[2] 0.0316ms 38Th
[13] 0.0287ms 13Th + 6Tpm
[14] 0.0191ms 23Th
[3] 0.0189ms 15Th + 5Tpm
Proposed FHE 0.0174ms 13Th + 5Tpm

7.3 Storage overhead

The amount of space needed for keeping the different parameters of a specific scheme
is referred to as the storage cost of the scheme. It is calculated by dividing the cost
of storage by the number of bytes stored. In the table, it can be seen that our plan is
around the same price as the other schemes. Our solution, on the other hand, is more
cost-effective in terms of storage (Table 5 and Fig. 5).

7.4 Communication overhead

In computing the communication cost, the bit size of each entity’s message is taken
into account. It is expressed as a percentage of the total amount of bytes available. The
establishment of a session between two parties results (Table 6 and Fig. 6).

13
 Journal of Intelligent Information Systems

Table 5  Analysis of Storage Protocols Storage

overhead Cost(in bits)

Proposed FHE 728

[3] 858
[10] 928
[14] 1696
[2] 1088
[13] 1248

Fig. 5  Analysis of results in Storage overhead the computational cost of various proposed and related proto-
cols. It is also shown in the Y-axis as the computation cost

Table 6  Analysis of Protocols Communication

Communication overhead in Cost(in bits)
Various Protocols with proposed
model
Proposed FHE 2646
[3] 2750
[13] 2832
[10] 2896
[14] 6788
[2] 6548

13
Journal of Intelligent Information Systems

Fig. 6  Comparison of Communication Cost (Number of Bits ) in establishing a mutually authenticated con-
nection between the two parties. In data sharing services, the user authenticates by presenting a credential
token to the service provider

7.5 Comparison of security features

Cloud storage C allows you to store and distribute encrypted data AS. The result shows
the difference in the number of bits required for communication between the various
protocols. Table-5 also shows the same efficiency comparison of the protocols with
security features such as Data Confidentiality (F1), Flexible Data Access Control(F2),
Man-in-Middle Attack (F3), Mutual Authentication(F4), Non-Repudiation (F5), Pass-
word Guessing Attack (F6), Password Stolen Attack(F7), Perfect Forward Secrecy
(F8), Provide User Anonymity (F9), Server Impersonation (F10), Stolen Verifier and
Privileged Insider Attack (F11) and User Impersonation Attack (F12). After analyzing
the various aspects of our proposed protocol, we can conclude that it is more advanta-
geous for our system’s resource utilization. It also provides enhanced security features
(Table 7).

8 Conclusion and future work

We presented a mechanism for user authentication that limits access to cloud storage to
individuals who are not allowed to do so. Additionally, we proposed a safe data sharing
system based on the difficult intractable discrete logarithm issue. Numerous elements
must be taken into account when determining the security of data sharing for cloud

13
 Journal of Intelligent Information Systems

Table 7  Comparison of security Features 15 13 10 14 3 Proposed FHE

features
F1 X N/A X X N/A ✓
F2 N/A N/A X X N/A ✓
F3 X ✓ X X ✓ ✓
F4 ✓ ✓ ✓ ✓ ✓ ✓
F5 N/A N/A X X N/A ✓
F6 X X X X X ✓
F7 X N/A X X X ✓
F8 X ✓ X X X ✓
F9 X ✓ X X ✓
F10 X ✓ X X ✓ ✓
F11 X ✓ X X X ✓
F12 ✓ ✓ X X ✓ ✓

storage. Among them is ensuring that the data owner has access to the internet in order
to spread the data. Cloud applications may benefit from this kind of secure data stor-
age and access method. It incorporates the user attribute rules, biometrics, and Fully
homomorphic double encryption necessary for storage provider access. If a user shares
his data with another user, the system administrator must revoke the user’s authorization
to share private data. Data may be moved to another cloud storage provider only with
the express permission of the user. Unfortunately, there are several drawbacks to rely-
ing on the internet to communicate data. For instance, if the data owner intends to share
his or her information with a group, he or she should specify which group. This method
has the ability to protect data from unauthorised access. We compared and contrasted
the proposed technique to existing studies on cloud storage. Recent techniques have
exposed users’ privacy by making it simple for an attacker to identify a genuine user.

Data Availability Data analyzed during the research is available upon reasonable request.

Declarations
Conflict of Interests The authors declare that they have no conflict of interest.

References
Albrecht, M., Chase, M., Chen, H., Ding, J., Goldwasser, S., Gorbunov, S., Halevi, S., Hoffstein, J.,
Laine, K., Lauter, K., & et al. (2019). Homomorphic encryption standard. Cryptology ePrint
Archive.
Ghaffar, Z., Ahmed, S., Mahmood, K., Islam, S.H., Hassan, M.M., & Fortino, G. (2020). An improved
authentication scheme for remote data access and sharing over cloud storage in cyber-physical-social-
systems. IEEE Access, 8, 47144–47160.
Karati, A., Amin, R., Mohit, P., Sureshkumar, V., & Biswas, G.P. (2021). Design of a secure file storage and
access protocol for cloud-enabled internet of things environment. Computers and Electrical Engineer-
ing, 94, 107298.

13
Journal of Intelligent Information Systems

Kaleem, M.A., Khan, P.M., & Khan, U.A. (2021). Strengthening of homomorphic encryption scheme for
cloud environment using particle optimization algorithm. In 2021 Fourth international conference on
computational intelligence and communication technologies (CCICT) (pp. 397–405). IEEE.
Li, X., Kumari, S., Shen, J., Wu, F., Chen, C., & Islam, S.K. (2017). Secure data access and sharing scheme
for cloud storage. Wireless Personal Communications, 96(4), 5295–5314.
Liu, J., Wang, C., Tu, Z., Wang, X.A., Lin, C., & Li, Z. (2021). Secure KNN classification scheme based on
homomorphic encryption for cyberspace. Security and Communication Networks, 2021.
Rawal, B.S., & Vivek, S.S. (2017). Secure cloud storage and file sharing. 2017 IEEE international confer-
ence on smart cloud (SmartCloud). https://​doi.​org/​10.​1109/​smart​cloud.​2017.​19.
Yang, X., Zheng, S., Zhou, T., Liu, Y., & Che, X. (2021). Optimized relinearization algorithm of the multi-
key homomorphic encryption scheme. Tsinghua Science and Technology, 27(3), 642–652.
Zhou, L., Li, X., Yeh, K.-H., Su, C., & Chiu, W. (2019). Lightweight iot-based authentication scheme in
cloud computing circumstance. Future Generation Computer Systems, 91, 244–251.
Zhu, H., Wang, C., & Wang, X. (2021). Quantum fully homomorphic encryption scheme for cloud privacy
data based on quantum circuit. International Journal of Theoretical Physics, 60(8), 2961–2975.

Publisher’s note Springer Nature remains neutral with regard to jurisdictional claims in published maps and
institutional affiliations.

13