Home Tsinghua Science and Technology Article
PDF (2.3 MB)
Cite
EndNote(RIS) BibTeX
Collect
Submit Manuscript
Show Outline
Figures (14)

Show 5 more figures Hide 5 figures
Tables (4)
Table 1
Table 2
Table 3
Table 4
Open Access

Analysis of Classical Encryption Techniques in Cloud Computing

Department of Computer Science, University of Management Science and Information, Kotli, AJK, Pakistan.
School of Computer & Communication Engineering, University of Science and Technology, Beijing 100083, China.
Department of Computer Science, National University of Modern Languages, Islamabad 44000, Pakistan.
Show Author Information

Abstract

Cloud computing has become a significant computing model in the IT industry. In this emerging model, computing resources such as software, hardware, networking, and storage can be accessed anywhere in the world on a pay-per-use basis. However, storing sensitive data on un-trusted servers is a challenging issue for this model. To guarantee confidentiality and proper access control of outsourced sensitive data, classical encryption techniques are used. However, such access control schemes are not feasible in cloud computing because of their lack of flexibility, scalability, and fine-grained access control. Instead, Attribute-Based Encryption (ABE) techniques are used in the cloud. This paper extensively surveys all ABE schemes and creates a comparison table for the key criteria for these schemes in cloud applications.

Keywords

cloud computingaccess controlfine-grained accessweighted attribute

References

[1]
Krogstie J., Model-Based Development and Evolution of Information Systems: A Quality Approach. Springer, 2012.
Crossref
[2]
Wan Z., Liu J. E., and Deng R. H., A hierarchical attribute-based solution for flexible and scalable access control, IEEE Transactions on Information Forensics and Security, vol. 7, no. 2, pp. 743754, 2012.
Crossref Google Scholar
[3]
Balamurugan B. and Venkata Krishna P., Extensive survey on usage of attribute based encryption in cloud, Journal of Emerging Technologies in Web Intelligence, vol. 6, no. 3, pp. 263272, 2014.
Google Scholar
[4]
Li M., Yu S., Zheng Y., Ren K., and Lou W., Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption, IEEE Transactions on Parallel and Distributed Systems, vol. 24, no. 1, pp. 131143, 2013.
Crossref Google Scholar
[5]
Purushothama B. R. and Amberker B. B., Access control mechanisms for outsourced data in cloud, in Communication Systems and Networks (COMSNETS), 2012 Fourth International Conference on. IEEE, 2012.
Crossref
[6]
Vijayalakshmi A. and Arunapriya R., Authentication of data storage using decentralized access control in clouds, Journal of Global Research in Computer Science, vol. 5, no. 9, pp. 14, 2014.
Google Scholar
[7]
Punithasurya K. and Priya J., Analysis of different access control mechanism in cloud, International Journal of Applied Information Systems, vol. 4, 2012. .
Crossref Google Scholar
[8]
Shamir A., Identity-based cryptosystems and signature schemes, in Advances in Cryptology, Blakley G. R. and Chaum D., eds. Springer Berlin Heidelberg, 1985.
[9]
Ning H. and Liu H., Cyber-physical-social-thinking space based science and technology framework for the Internet of Things, SCIENCE CHINA Information Sciences, vol. 58, no. 3, pp. 119, 2015.
Crossref Google Scholar
[10]
Li K., Hu T. X., and Fen L. J., Tight chosen ciphertext attack (CCA)-secure hybrid encryption scheme with full public verifiability, SCIENCE CHINA Information Sciences, vol. 57, no. 11, pp. 114, 2014.
Crossref Google Scholar
[11]
Ghafoor A., Sher M., Imran M., and Saleem K., A lightweight key freshness scheme for wireless sensor networks, in 12th International Conference on Information Technology - New Generations, 2015.
Crossref
[12]
Lee C. C., Chung P., and Hwang M. S., A survey on attribute-based encryption schemes of access control in cloud environments, International Journal of Network Security, vol. 15, no. 4, pp. 231240, 2013.
Google Scholar
[13]
Garg S., Gentry C., and Halevi S., Candidate multilinear maps from ideal lattices, in Eurocrypt, 2013.
Crossref
[14]
Garg S., Gentry C., Halevi S., Sahai A., and Waters B., Attribute-based encryption for circuits from multilinear maps, Lecture Notes in Computer Science, vol. 8043, pp. 479499, 2013.
Crossref Google Scholar
[15]
Sahai A. and Waters B., Fuzzy identity based encryption, in Proc. Advances in Cryptology-Eurocrypt, 2005, pp. 457473.
Crossref
[16]
Singh P. and Singh S., Cross bread role based access control for extended security at Azure in cloud computing, International Journal of Application or Innovation in Engineering and Management, vol. 2, no. 2, pp. 205208, 2013.
Google Scholar
[17]
Goyal V., Pandey O., Sahai A., and Waters B., Attribute based encryption for fine-grained access control of encrypted data, in Proc. ACM Conf. Computer and Communications, 2006.
Crossref
[18]
Et-Al C. Vinoth, Secure data storage in cloud by using asymmetric key management based encryption, in Ijsrset, 2015.
[19]
Gaikwad R., Dakhane D. M., and Pardhi R. L., Implementation and analysis of network security using Hasbe, International Journal of Emerging Trends & Technology in Computer Science, vol. 3, vol. 2, pp. 170174, 2014.
Google Scholar
[20]
Bethencourt J., Sahai A., and Waters B., Cipher text-policy attribute based encryption, in Proceeding IEEE Symposium Security and Privacy, 2007.
Crossref
[21]
Rifki S., Park Y., and Moon S., A fully secure cipher text-policy attribute-based encryption with a tree-based access structure, Journal of Information Science and Engineering, vol. 31, pp. 247265, 2015.
Google Scholar
[22]
Bobba R., Khuranaand H., and Prabhakaran M., Attribute-sets: A practically motivated enhanced to attribute-based encryption, in Proc. Esorics, Saint Malo, France, 2009.
[23]
Poornima B. and Rajendran T., Improving cloud security by enhanced Hasbe using hybrid encryption scheme, in 2014 World Congress on Computing and Communication Technologies, 2013.
Crossref
[24]
Wang G., Liu Q., and Wu J., Hierarchical attribute-based encryption for fine-grained access control in cloud storage services, in Proc. ACM Conf. Computer and Communication Security, 2010.
Crossref
[25]
Wan Z., Liu J., and Deng H., Hasbe: A hierarchical attribute based solution for flexible and scalable access control in cloud computing, IEEE Transaction on Information Forensics and Security, vol. 7, no. 2, pp. 743754, 2012.
Crossref Google Scholar
[26]
Gaikwad R. L., Dakhane D. M., and Pardhi R. L., Implementation of network security model in cloud computing using encryption technique, International Journal of Recent Advances in Engineering & Technology, vol. 1, no. 2, pp. 5156, 2013
Google Scholar
[27]
Rachel D. Hephzi and Prathiba S., An enhanced Hasbe for cloud computing environment, International Journal of Computer Science and Mobile Computing, vol. 2, no. 4, pp. 396401, 2013.
Google Scholar
[28]
Aravinth S. S. and Ramkumar M., Empowered service delegation with attribute encryption for distributed cloud computing, in Current Trends in Engineering and Technology (ICCTET), 2013 International Conference on, Coimbatore, India, 2013.
Crossref
[29]
Krishna N. and Bhavani L., Hasbe: A hierarchical attribute set based encryption for flexible, scalable and fine grained access control in cloud computing, International Journal of Computer & Organization Trends, vol. 3, no. 9, pp. 294301, 2013.
Google Scholar
[30]
Liu X., Zhu H., Ma J., Xiong J., Li Q., and Jun M., Cipher text-policy weighted attribute based encryption for fine-grained access control, in 2013 5th International Conference On Intelligent Networking And Collaborative Systems, 2013.
Crossref
[31]
Liu X., Zhu H., Ma J., and Ma S., Key-policy weighted attribute based encryption for fine-grained access control, in Icc14-W5: Workshop on Secure Networking and Forensic Computing, 2014.
Crossref
[32]
Yang K., Jia X., Ren K., and Zhang B., Dac-Macs: Effective data access control for multi-authority cloud storage systems, in Proceedings of IEEE Infocom, 2013.
Crossref
[33]
Yang K. and Jia X., Attributed-based access control for Multi authority systems in cloud storage, in Distributed Computing Systems (Icdcs), 2012 IEEE 32nd International Conference on, 2012, pp. 536545.
Crossref
[34]
Wang Y., Zhang D., and Zhong H., Multi-authority based weighted attribute encryption scheme in cloud computing, in 2014 10th International Conference on Natural Computation, 2014.
Crossref
Tsinghua Science and Technology
Volume 21 Issue 1,
February 2016
Pages 102-113
DOI: 10.1109/TST.2016.7399287
Cite this article:
Shabir MY, Iqbal A, Mahmood Z, et al. Analysis of Classical Encryption Techniques in Cloud Computing. Tsinghua Science and Technology, 2016, 21(1): 102-113. https://doi.org/10.1109/TST.2016.7399287
Metrics & Citations  
Article History
Copyright
Return

10.1109/TST.2016.7399287.T1Features’ comparison of traditional access control schemes.

SchemeFeatureLimitation
DACUser oriented and based on identity of requestor. Complete authority over all resource. Owner discretion access through administrator.Possibility to filch the copy of the original message. Cumbersome and time consuming in large environment
MACAccess control based on security labels like secret, top secret, confidential.Limited user functionality and high admin overhead
Used in environment where paramount importance is confidentiality.
More secure and easy to scale.
RBACAccess based on user’s role, not identity. User’s right can change and scalable to some degree.Possibility of role explosion.
Unable to accommodate in real-time context. Roles are static.
ABACAccess is based on user’s attribute. More secure, flexible and scalable. Attributes describe role that is built dynamically at run time.Organization change necessary to manage attributes.

10.1109/TST.2016.7399287.T2Features’ comparison of ABE encryption techniques.

Author & contributionFeatureLimitation
Wan et al.[2]: Hierarchical ABEComputation tasks are fully delegated by combining HIBE and CP-ABELack of support compound attributes and multiple attribute allocation
Sahai and Waters[15] : Fuzzy IBEOne-to-many encryption technique for the fine grained access controlLack of express ability in their threshold value. Create computation overhead, when users vary
Goyal et al.[17]: Key policyReducing the computation overhead by defining the access control structure with the private keyLack of flexibility and scalability
Bethencourt et al.[20]: Cipher text policyBetter than key policy in the terms of enforce access control with encrypted dataNot suitable in enterprise environment because only supports logically organized single set of attributes
Rifki et al.[21]: Non monotonic access structureMore flexibility in their access control structure by defining negated attributesHuge overhead in the sense of useless attributes
Bobba et al.[22]: Attribute set base ABEUseful in enterprise level and support recursive family set of attribute instead of single setPreventing collusion and combining attribute from multiple set is real challenge.
Wang et al.[24]: Hierarchical ASBEAchieved scalability, flexibility, and fine grained access by supporting compound attribute with a hierarchical structure of the usersLeave or absent of any low level authority cause for delay for that duration also domain hierarchy is very complex
Liu et al.[30]: Weighted cipher text access structureImprove fine grained access control by defining attribute weight according to their importance in the system.Cipher text size is too long
Liu et al.[31]: Weighted key access structureReduce cipher text size by annotated weighted access structure with the private key also simplifying different nicknames of single attributeEncryption cannot decide who can decrypt the encrypted data
Wang et al.[34]: Weighted threshold access structureEfficient multi-authority scheme that used weighted threshold access structure and issued different attribute related keys also avoid collusion resistanceSystem model of this scheme is complex and how to achieve more significant access structure needs to be studied in future work

10.1109/TST.2016.7399287.T3Access-technique-based ABE comparisons.

Access techniquesUser-orientedAssigning rolePolicyApplicationPerformance
DACHighNot mentionedFixedAdministrator drivenLow
MACVaries from user to userSingle node assigningFixedAdministrator drivenBased on security level
RBACHighMultiFlexibleAdministrator drivenAbove average
ABACHighNot mentionedHighly flexibleAutomated adaptiveHigh

10.1109/TST.2016.7399287.T4Feature-based comparison table of ABE.

AlgorithmsFine-grained access controlComputation overheadUser revocation efficiencyScalability and efficiencyCollision resistanceAssociation of attributesAssociation of access policy
ABELowAVGAVGAVGBelow AVGWith cipherWith key
KP-ABELow if re-encryption than highMost of computation overheadLowAVG high if broadcast typeAVGWith cipherWith key
EKP-ABEBetter than KP-ABEReduced computation overheadAVGHigher than KP-ABEAbove AVGWith cipherWith key
CP-ABEAVG realization of complex access structureAVGLowAVG not efficient in mordent enterprise environmentGoodWith keyWith cipher
CP-ASBEHigher than CP-ABELower than CP-ABEAbove AVGBetter than CP-ABEGoodWith keyWith cipher
HIBEComparative lowMost of computation overhead Better: lower when compare with ABEGood
HABEHighSome of overheadAVGAbove AVGGoodWith keyWith cipher
HASBEHighLess than all of aboveAbove AVGHighGoodWith keyWith cipher
CP-WABEVery HighHighAbove AVGHighGoodWith cipherWith cipher
KP-WABEVery HighLowAbove AVGHighGoodWith cipherWith key
MA-WABEVery HighLowVery highVery highVery goodWith cipherWith cipher