Journal of Internet Computing and Services (인터넷정보학회논문지)

Korean Society for Internet Information (한국인터넷정보학회)
권호 표지
DOI QR코드

DOI QR Code

An Efficient and Secure Data Storage Scheme using ECC in Cloud Computing

클라우드 컴퓨팅에서 ECC 암호를 적용한 안전한 데이터 스토리지 스킴

  • Yin, XiaoChun (Department of Ubiquitous IT, Dongseo University, Weifang University of Science & Technology) ;
  • Thiranant, Non (Department of Ubiquitous IT, Dongseo University) ;
  • Lee, HoonJae (Division of Computer and Information Eng., Dongseo University)
  • Received : 2013.10.30
  • Accepted : 2014.01.21
  • Published : 2014.04.30
Download PDF
⟨ Previous Next ⟩

Abstract

With the fast development of internet, cloud computing has become the most demanded technology used all over the world. Cloud computing facilitates its consumers by providing virtual resources via internet. One of the prominent services offered in cloud computing is cloud storage. The rapid growth of cloud computing also increases severe security concerns to cloud storage. In this paper, we propose a scheme which allows users not only securely store and access data in the cloud, but also share data with multiple users in a secured way via unsecured internet. We use ECC for cryptography and authentication operation which makes the scheme work in a more efficient way.

인터넷의 빠른 발전과 더불어 클라우드 컴퓨팅 기술은 가장 기술개발이 시급한 분야가 되고 있다. 클라우드 컴퓨팅은 고객들이 인터넷을 통하여 가상 자원을 제공받게 되며, 가장 시급하게 해결해야할 문제 중의 하나로 클라우드 스토리지를 들 수 있다. 클라우드 컴퓨팅분야의 급격한 증가는 클라우드 스토리지에서 심각한 보안문제를 불러일으키고 있다. 본 논문에서는 인터넷을 통하여 안전하게 데이터를 저장할 수 있고 보안 접근통제가 가능하고 또한 안전하지 않은 인터넷을 통하여 안전하게 다중 사용자끼리 데이터를 공유할 수 있는 스킴을 제안한다. 데이터 스토리지 보안 스킴의 효율을 높이기 위하여 ECC 암호를 데이터 보호 및 인증과정에서 적용한다.

Keywords

References

  1. Zhu, S., Yang, X., & Wu, X.. Secure Cloud File System with Attribute Based Encryption. In Intelligent Networking and Collaborative Systems (INCoS), 2013 5th International Conference on (pp. 99-102). IEEE.
  2. Zwattendorfer, B., & Tauber, A.. Secure cloud authentication using eIDs. In Cloud Computing and Intelligent Systems (CCIS), 2012 IEEE 2nd International Conference on (Vol. 1, pp. 397-401). IEEE.
  3. Liu, Q., Wang, G., & Wu, J.. Efficient sharing of secure cloud storage services. In Computer and Information Technology (CIT), 2010 IEEE 10th International Conference on (pp. 922-929). IEEE.
  4. R. Ada Popa, J. Lorch, D. Molnar, H. J. Wang, and L. Zhuang. Enabling security in cloud storage SLAs with cloudproof. Technical Report MSR-TR-2010-46, Microsoft Research, 2010.
  5. Stallings, W, "Cryptography and Network Security: Principles and Practices", Prentice Hall, 4th Edition, pp 420-430, 2009.
  6. Hankerson, D, Menezes, A, Vanstone, S, "Guide to elliptic curve cryptography", Springer-Verlag, New York, USA, 2004.
  7. Koblitz, N, "Elliptic Curve Cryptosystem", Journal of mathematics computation, Vol. 48, No. 177, pp203-209, 1987. https://doi.org/10.1090/S0025-5718-1987-0866109-5
  8. Miller, V, "Use of elliptic curves in cryptography", Proc. of Advances in Cryptology-CRYPTO' 85, LNCS, Vol. 218, pp. 417-426, 1985.
  9. V.Miller, "Uses of elliptic curves in cryptography", Lecture Notes in Computer Science218: Advances in Cryptology- CRYPTO'85, pages417-426, Springer-Verlag, Berlin, 1986.
  10. N.Koblitz, "Elliptic curve cryptosystems", Mathematics of Computation, 48:203-209, 1987. https://doi.org/10.1090/S0025-5718-1987-0866109-5
  11. Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS), Apr. 2002, http://www.ietf.org/rfc/rfc3278.txt
  12. M. Abdalla, M. Bellare, P. Rogaway, DHIES: An Encryption Scheme Based on the Diffie-Hellman Problem, Contribution to IEEE P1363a, 1998,http://cseweb.ucsd.edu/users/mihir/papers/dhaes.pdf.
  13. M. Abdalla, M. Bellare, P. Rogaway, The oracle Diffie-Hellman assmptions and an analysis of DHIES, Lecture Notes in Comput. Sci.2020(2001), 143-158.
  14. American National Standards Institute, Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA), 1998.
  15. V. Gayoso Martinez, L. Hernandez Encinas, and C. Sanchez Avila, Journal of Computer Science and Engineering, Volum 2, Issue 2, August
  16. Brainpool, ECC Brainpool Standard Curves and Curve Generation, 2005, http://www.ecc-brainpool.org/download/Domain-parameters.pdf.
  17. Bundesamt fur Sicherheit in der Information stechnik, Elliptic Curve Cryptography, 2009, https://www.bsi.bund.de/cln 183/EN/Home/home node.html.
  18. W. Diffie, M.E. Hellman, New directions in cryptography, IEEE Trans. Inform. Theory 22(1976), 644-654. https://doi.org/10.1109/TIT.1976.1055638
  19. Arjun Kumar, Byung Gook Lee, HoonJae Lee, Secure Storage and Access of Data in Cloud Computing, ICT Convergence (ICTC), 2012 International Conference on Oct. 15-17, 2012
  20. Institute of Electrical and Electronics Engineers, Standard Specifications for Public Key Cryptography-Amendment 1: Additional Techniques, 2004.
  21. International Organization for Standardization / International Electro technical Commission, Information Technology - Security Techniques - Encryption Algorithms - Part 2: Asymmetric Ciphers, 2006.
  22. N. Koblitz, Elliptic curve cryptosystems, Math. Comp. 48(1987), 203-209. https://doi.org/10.1090/S0025-5718-1987-0866109-5
  23. V. Gayoso Martinez, L. Hernandez Encinas, C. Sanchez Avila, Security and practical considerations when implementing the Elliptic Curve Integrated Encryption Scheme, preprint, 2010.
  24. V. S. Miller, Use of elliptic curves in cryptography, Lecture Notes in Comput.Sci.218(1986), 417-426.
  25. National Institute of Standards and Technology, Digital Signature Standard (DSS), 2000.
  26. J. H. Silverman, The Arithmetic of Elliptic Curves, volume 106 of Graduate texts in Mathematics, Springer-Verlag, New York, NY, USA, 1986.
  27. Standards for Efficient Cryptography Group, Test Vectors for SEC 1, 1999, http://www.secg.org/download/aid-390/gec2.pdf.
  28. Standards for Efficient Cryptography Group, Elliptic Curve Cryptography, 2000, http://www.secg.org/download/aid-86/sec2 final.pdf.
  29. Standards for Efficient Cryptography Group, Recommended Elliptic Curve Domain Parameters, 2000, http://www.secg.org/download/aid-780/sec1-v2.pdf.
  30. Yunho Lee, "An Analysis on the Vulnerability of Secure Keypads for Mobile Devices," Journal of Korean Society for Internet Information, Vol.14, No.5, pp.15-21, June 2013. https://doi.org/10.7472/jksii.2013.14.3.15
  31. Young Bae Yoon, Junseok Oh, Bong Gyou Lee, "The Important Factors in Security for Introducing the Cloud Services," Journal of Korean Society for Internet Information, Vol. 13, No. 6, pp.33-40, Dec. 2012. https://doi.org/10.7472/jksii.2012.13.6.33
  32. Hee Won Myeong, Jung Ha Paik, Dong Hoon Lee, "Study on implementation of Secure HTML5 Local Storage," Journal of Korean Society for Internet Information, Vol. 13, No. 4, pp.83-93, Aug. 2012. https://doi.org/10.7472/jksii.2012.13.4.83

Cited by

  1. An Empirical Analysis on the Persistent Usage Intention of Chinese Personal Cloud Service vol.16, pp.3, 2015, https://doi.org/10.7472/jksii.2015.16.3.79
  2. Ownership-guaranteed security framework for the private data in the entrusted management environment vol.18, pp.3, 2015, https://doi.org/10.1007/s10586-015-0474-4
  3. Elliptic Curve Diffie-Hellman Random Keys Using Artificial Neural Network and Genetic Algorithm for Secure Data over Private Cloud vol.15, pp.3, 2016, https://doi.org/10.3923/itj.2016.77.83