A Review on Group data sharing agreement using block design

based key in cloud computing

Abstract—Data sharing in cloud computing enables multiple participants to freely share the
group data, which improves the efficiency of work in cooperative environments and has
widespread potential applications. However, how to ensure the security of data sharing within
a group and how to efficiently share the outsourced data in a group manner are formidable
challenges. Note that key agreement protocols have played a very important role in secure
and efficient group data sharing in cloud computing. In this paper, by taking advantage of the
symmetric balanced incomplete block design (SBIBD), we present a novel block design-
based key agreement protocol that supports multiple participants, which can flexibly extend
the number of participants in a cloud environment according to the structure of the block
design. Based on the proposed group data sharing model, we present general formulas for
generating the common conference key K for multiple participants. Note that by benefiting
from the (v; k + 1; 1)-block design, the computational complexity of the proposed protocol
linearly increases with the number of participants and the communication complexity is
greatly reduced. In addition, the fault tolerance property of our protocol enables the group
data sharing in cloud computing to withstand different key attacks, which is similar to Yi’s
protocol.
Keywords—Key agreement protocol, symmetric balanced incomplete block design
(SBIBD), data sharing, cloud computing.

1. Introduction

Cloud computing and cloud storage have become hot topics in recent decades. Both are
changing the way we live and greatly improving production efficiency in some areas. At
present, due to limited storage resources and the requirement for convenient access, we prefer
to store all types of data in cloud servers, which is also a good option for companies and
organizations to avoid the overhead of deploying and maintaining equipment when data are
stored locally. The cloud server provides an open and convenient storage platform for
individuals and organizations, but it also introduces security problems. For instance, a cloud
system may be subjected to attacks from both malicious users and cloud providers. In these
scenarios, it is important to ensure the security of the stored data in the cloud. In [1], [2], [3],
several schemes were proposed to preserve the privacy of the outsourced data. The above
schemes only considered security problems of a single data owner. However, in some
applications, multiple data owners would like to securely share their data in a group manner.
Therefore, a protocol that supports secure group data sharing under cloud computing is
needed. A key agreement protocol is used to generate a common conference key for multiple
participants to ensure the security of their later communications, and this protocol can be
applied in cloud computing to support secure and efficient data sharing. Since it was
introduced by Diffie-Hellman in their seminal paper [4], the key agreement protocol has
become one of the fundamental cryptographic primitives. The basic version of the Diffie-
Hellman protocol provides an efficient solution to the problem of creating a common secret
key between two participants. In cryptography, a key agreement protocol is a protocol in
which two or more parties can agree on a key in such a way that both influence the outcome.
By employing the key agreement protocol, the conferees can securely send and receive
messages from each other using the common conference key that they agree upon in advance.
Specifically, a secure key agreement protocol ensures that the adversary cannot obtain the
generated key by implementing malicious attacks, such as eavesdropping. Thus, the key
agreement protocol can be widely used in interactive communication environments with high
security requirements (e.g., remote board meetings, teleconferences, collaborative
workspaces, radio frequency identification [5], cloud computing and so on). The Diffie-
Hellman key agreement [4] provides a way to generate keys. However, it does not provide an
authentication service, which makes it vulnerable to man in- the-middle attacks. This
situation can be addressed by adding some forms of authentication mechanisms to the
protocol, as proposed by Law et al. in [6]. In addition, the Diffie-Hellman key agreement can
only support two participants. Subsequently, to solve the different key attacks from malicious
conferees, who attempt to deliberately delay or destroy the conference, Yi proposed an
identity-based fault-tolerant conference key agreement in [7]. Currently, many researches
have been devoted to improving the security and communication efficiency of the key
agreement protocol, which is covered in the literature [8], [9], [10], [11]. Note that in Chung
and Bae’s paper [12] and Lee et al.’s paper [13], block design is utilized in the design of an
efficient load balance algorithm to maintain load balancing in a distributed system. Inspired
by [12] and [13], we introduce the symmetric balanced incomplete block design (SBIBD) in
designing the key agreement protocol to reduce the complexity of communication and
computation. As far as we know, the work to design the key agreement protocol with respect
to the SBIBD is novel and original.
REFERENCES
[1] L. Zhou, V. Varadharajan, and M. Hitchens, “Cryptographic role based access
control for secure cloud data storage systems,” Information Forensics and Security
IEEE Transactions on, vol. 10, no. 11, pp. 2381–2395, 2015.
[2] F. Chen, T. Xiang, Y. Yang, and S. S. M. Chow, “Secure cloud storage meets with
secure network coding,” in IEEE INFOCOM, 2014, pp. 673–681.
[3] D. He, S. Zeadally, and L. Wu, “Certificateless public auditing scheme for cloud-
assisted wireless body area networks,” IEEE Systems Journal, pp. 1–10, 2015.
[4] W. Diffie and M. E. Hellman, “New directions in cryptography,” IEEE Transactions
on Information Theory, vol. 22, no. 6, pp. 644–654, 1976.
[5] J. Shen, H. Tan, S. Moh, I. Chung, and J. Wang, “An efficient rfid authentication
protocol providing strong privacy and security,” Journal of Internet Technology, vol.
17, no. 3, p. 2, 2016.
[6] L. Law, A. Menezes, M. Qu, J. Solinas, and S. Vanstone, “An efficient protocol for
authenticated key agreement,” Designs Codes and Cryptography, vol. 28, no. 2, pp.
119–134, 2010.
[7] X. Yi, “Identity-based fault-tolerant conference key agreement,” IEEE Transactions
on Dependable and Secure Computing, vol. 1, no. 3, pp. 170–178, 2004.
[8] R. Barua, R. Dutta, and P. Sarkar, “Extending joux’s protocol to multi party key
agreement (extended abstract).” Lecture Notes in Computer Science, vol. 2003, pp.
205–217, 2003.
[9] J. Shen, S. Moh, and I. Chung, “Identity-based key agreement protocol employing a
symmetric balanced incomplete block design,” Journal of Communications and
Networks, vol. 14, no. 6, pp. 682–691, 2012.
[10] B. Dan and M. Franklin, “Identity-based encryption from the weil pairing,” Siam
Journal on Computing, vol. 32, no. 3, pp. 213–229, 2003.
[11] S. Blakewilson, D. Johnson, and A. Menezes, “Key agreement protocols and their
security analysis,” in IMA International Conference on Cryptography and Coding,
1997, pp. 30–45.
[12] I. Chung and Y. Bae, “The design of an efficient load balancing algorithm
employing block design,” Journal of Applied Mathematics and Computing, vol. 14,
no. 1, pp. 343–351, 2004.
[13] O. Lee, S. Yoo, B. Park, and I. Chung, “The design and analysis of an efficient load
balancing algorithm employing the symmetric balanced incomplete block design.”
Information Sciences, vol. 176, no. 15, pp. 2148–2160, 2006.
[14] R. Curtmola, J. Garay, S. Kamara, and R. Ostrovsky, “Searchable symmetric
encryption: Improved definitions and efficient constructions,” Journal of Computer
Security, vol. 19, no. 5, pp. 79–88, 2011.
[15] N. Cao, C. Wang, M. Li, K. Ren, and W. Lou, “Privacy-preserving multi-keyword
ranked search over encrypted cloud data,” IEEE Transactions on Parallel and
Distributed Systems, vol. 25, no. 1, pp.222–233, 2014.
[16] J. Yu, K. Ren, C. Wang, and V. Varadharajan, “Enabling cloud storage auditing with
key-exposure resistance,” IEEE Transactions on Information Forensics and Security,
vol. 10, no. 6, pp. 1–1, 2015.
[17] J. Yu, K. Ren, and C. Wang, “Enabling cloud storage auditing with verifiable
outsourcing of key updates,” IEEE Transactions on Information Forensics and
Security, vol. 11, no. 6, pp. 1–1, 2016.
[18] S. D. C. D. Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati,
“Encryption policies for regulating access to outsourced data,” Acm Transactions on
Database Systems, vol. 35, no. 2, pp. 78–78, 2010.
[19] H. Guo, Z. Li, Y. Mu, and X. Zhang, “Cryptanalysis of simple three-party key
exchange protocol,” Computers and Security, vol. 27, no. 1-2, pp. 16–21, 2008.
[20] Z. Tan, “An enhanced three-party authentication key exchange protocol for mobile
commerce environments,” Journal of Communications, vol. 5, no. 5, pp. 436–443,
2010.
[21] Y. M. Tseng, “An efficient two-party identity-based key exchange protocol.”
Informatica, vol. 18, no. 1, pp. 125–136, 2007.
[22] A. Shamir, “Identity-based cryptosystems and signature schemes,” Lecture Notes in
Computer Science, vol. 21, no. 2, pp. 47–53, 1985.
[23] E. Bresson, O. Chevassut, D. Pointcheval, and J. J. Quisquater, “Provably
authenticated group diffie-hellman key exchange,” Acm Transactions on
Information and System Security, vol. 10, no. 3, pp.89–92, 2001.
[24] D. R. Stinson, Combinatorial designs: constructions and analysis. Springer Science
and Business Media, 2007.
[25] J. Shen, J. Shen, X. Chen, X. Huang, and W. Susilo, “An efficient public auditing
protocol with novel dynamic structure for cloud data,” IEEE Transactions on
Information Forensics and Security, 2017, doi: 10.1109/TIFS.2017.2705620.
[26] B. Lamacchia, K. Lauter, and A. Mityagin, “Stronger security of authenticated key
exchange,” in International Conference on Provable Security, 2007, pp. 1–16.
[27] O. Hasan, L. Brunie, E. Bertino, and N. Shang, “A decentralized privacy preserving
reputation protocol for the malicious adversarial model,” Information Forensics and
Security IEEE Transactions on, vol. 8, no. 6, pp. 949–962, 2013.
[28] L.-K. Hua, Introduction to number theory. Springer Science and Business Media,
2012.
[29] W. Stallings, “Cryptography and network security: Principles and practice,”
International Annals of Criminology, vol. 46, no. 4, pp. 121–136, 2008.
[30] M. Steiner, G. Tsudik, and M. Waidner, “Key agreement in dynamic peer groups,”
IEEE Transactions on Parallel and Distributed Systems, vol. 11, no. 8, pp. 769–780,
2000.