An Efficient Framework for Data Security in Mobile Cloud Computing Paradigm

Abstract

The incessant spurt of research activities to augment the capabilities of resourceconstrained mobile devices by leveraging heterogeneous cloud resources has created a new research impetus called Mobile Cloud Computing (MCC). However, this rapid relocation to the cloud has fueled security and privacy concerns as users’ data leave the owners’ protection sphere and enter the cloud. Cryptography is a conventional way of maintaining the privacy of data and authenticating users over an insecure network. Traditional Public Key Cryptography (PKC) is more expensive than symmetric cryptography as it requires the certificate for authentication. The scope for identity-based cryptography is no doubt high as it authenticates the sender without relying on certificates, but it suffers from the key escrow problem. Certificateless cryptography is a relatively new and attractive paradigm that provides the security against key escrow problem and solves certificate management problem in traditional PKC. This work has proposed three different schemes for data security in MCC namely Certificateless Proxy Signcryption (CLPSc), Certificateless Proxy Re-encryption (CLPRE) and Certificateless Incremental Proxy Re-encryption (CL-iPRE). CLPSc is one of the most efficient security primitives for secure data transmission. The entrustment of signing rights to a proxy signcrypter at the behest of an original signcrypter imparts utility in various fields such as an online proxy auction, healthcare industry, ubiquitous computing, etc. Unlike the traditional sign-then-encrypt approach, signcryption primitive saves computational costs and bandwidth load. Recently, a pairing free CLPSc scheme has been proposed which has claimed to be secure against forgery under adaptive chosen-message attacks. It has been proved that it has failed to provide unforgeability. As an improvement to the scheme, a pairing-free CLPSc scheme has been proposed for eprescription system in MCC. The proposed scheme is proven to be secure against indistinguishability under adaptive chosen-ciphertext attack and existential forgery under adaptive chosen-message attack in the random oracle model. The proposed scheme outperforms the existing schemes in terms of computational efficiency.The ubiquitous and timely access to electronic health records (EHRs) and personal health records (PHRs) help physicians to take critical care decisions and save lives. Cloud computing has a potential to provide ubiquitous and on-demand instant access to common pool of shared resources and services to various stakeholders who are involved in ehealthcare industry. A Proxy Re-encryption (PRE) is a cryptographic scheme for delegation of decryption rights. The PRE schemes are useful in the scenarios where data are desired to be shared with the authorized users over the cloud. The cryptanalysis of recently proposed CL-PRE scheme has been performed. Further, a lightweight, pairingfree, single-hop unidirectional CL-PRE scheme has been proposed for secure sharing of mobile PHRs with public cloud. In CL-PRE, patients encrypt the data with their public keys before outsourcing to cloud and cloud resident semi-trusted proxy further re-encrypts into ciphertext under intended recipient’s public key without learning anything about encrypted message. The security has been proved through formal analysis against chosen ciphertext attack in the random oracle model. The proposed CL-PRE scheme is more efficient and suitable for low power mobile devices in comparison to existing schemes. Conventionally, any modification to uploaded record irrespective of its scale or frequency would compel the mobile client to encrypt and compute the hash value from the scratch. Such operations would drain battery and energy resources of mobile devices. One of the crucial factors for enabling fast and secure computations in the Zettabyte era is the use of the incremental cryptographic algorithm which runs in time proportional to the number of modifications instead of the document length. An efficient elliptic curve based pairing-free CL-iPRE scheme has been proposed for improving the file modification operations.