Skip to main content
SpringerLink
Log in
Book cover

International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage

SpaCCS 2017: Security, Privacy, and Anonymity in Computation, Communication, and Storage pp 457–467Cite as

Attacks on the Anti-collusion Data Sharing Scheme for Dynamic Groups in the Cloud

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 10658))

Abstract

As the hype of the evolution of cloud computing has become a real possibility in the modern day outsourcing scenarios, users can benefit from cloud computing by uploading documents into the cloud servers for sharing it among a group of legitimate users. But, though cloud is a viable present day option for elastic storage facilities, its security is still a grave concern. Hence, in order to improve the secure communication among group members, Zhu and Jiang have proposed a protocol and claimed that key distribution to the group users can be done without any secure communication channels. They have claimed that their scheme is resistant to collusion attack and all the other attacks, thereby ensuring forward and backward secrecies as well. Firstly, in this research work, after extensive analysis, we have identified several issues in the protocol proposed by Zhu and Jiang which make it vulnerable to various attacks. Secondly, we have proved that an attacker can use the man-in-the-middle attack and break the protocol thereby getting the secret keys shared between the group manager and the group user. Thirdly, we have given enough proof that the scheme is vulnerable to message modification attack too. Finally, we claim that the earlier proposed protocol is not secure and a new protocol with improved security is the need of the hour.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_26

    Chapter  Google Scholar 

  2. Alzahrani, A., Alalwan, N., Sarrab, M.: Mobile cloud computing: advantage, disadvantage and open challenge. In: Proceedings of the 7th International Conference on Euro American Association on Telematics and Information Systems (EATIS 2014) (2014). https://doi.org/10.1145/2590651.2590670

  3. Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Plutus: scalable secure file sharing on untrusted storage. In: Proceedings of USENIX Conference File and Storage Technologies, pp. 29–42 (2003)

    Google Scholar 

  4. Buyya, R., Ranjan, R., Calheiros, R.N.: InterCloud: utility-oriented federation of cloud computing environments for scaling of application services. In: Hsu, C.-H., Yang, L.T., Park, J.H., Yeo, S.-S. (eds.) ICA3PP 2010. LNCS, vol. 6081, pp. 13–31. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13119-6_2

    Chapter  Google Scholar 

  5. Zhang, X., Kunjithapatham, A., Jeong, S., Gibbs, S.: Towards an elastic application model for augmenting the computing capabilities of mobile devices with cloud computing. Mob. Netw. Appl. 16(3), 270–284 (2011). https://doi.org/10.1007/s11036-011-0305-7

    Article  Google Scholar 

  6. Giurgiu, I., Riva, O., Juric, D., Krivulev, I., Alonso, G.: Calling the cloud: enabling mobile phones as interfaces to cloud applications. In: Bacon, J.M., Cooper, B.F. (eds.) Middleware 2009. LNCS, vol. 5896, pp. 83–102. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10445-9_5

    Chapter  Google Scholar 

  7. Zhang, X., Jeong, S., Kunjithapatham, A., Gibbs, S.: Towards an elastic application model for augmenting computing capabilities of mobile platforms. In: Cai, Y., Magedanz, T., Li, M., Xia, J., Giannelli, C. (eds.) MOBILWARE 2010. LNICSSITE, vol. 48, pp. 161–174. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17758-3_12

    Chapter  Google Scholar 

  8. Rahimi, M.R., Ren, J., Liu, C.H., Vasilakos, A.V., Venkatasubramanian, N.: Mobile cloud computing: a survey, state of art and future direction 19(2), 133–143 (2014). https://doi.org/10.1007/s11036-013-0477-4

  9. Bakshi, A., Yogesh, B.: Securing cloud from DDoS attacks using intrusion detection system in virtual machine. In: Second International Conference on Communication Software and Networks, ICCSN 2010, pp. 260–264 (2010). https://doi.org/10.1109/ICCSN.2010.56

  10. Jensen, M., Schwenk, J., Gruschka, N., Iacono, L.L.: On technical security issues in cloud computing. In: IEEE Conference on Cloud Computing, CLOUD 2009, pp. 109–116 (2006). https://doi.org/10.1109/CLOUD.2009.60

  11. Zhu, Z., Jiang, R.: A secure anti-collusion data sharing scheme for dynamic groups in the public cloud. IEEE Trans. Parallel Distrib. Syst. 27(1), 40–50 (2016). https://doi.org/10.1109/TPDS.2015.2388446

    Article  Google Scholar 

  12. Goh, E., Shacham, H., Modadugu, N., Boneh, D.: Sirius: securing remote untrusted storage. In: Proceedings of Network and Distributed Systems Security Symposium (NDSS), pp. 131–145 (2003)

    Google Scholar 

  13. Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 258–275. Springer, Heidelberg (2005). https://doi.org/10.1007/11535218_16

    Chapter  Google Scholar 

  14. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of ACM Conference Computer and Communications Security (CCS), pp. 89–98 (2006). https://doi.org/10.1145/1180405.1180418

  15. Lu, R., Lin, X., Liang, X., Shen, X.: Secure provenance: the essential of bread and butter of data forensics in cloud computing. In: Proceedings of ACM Symposium Information, Computer and Communication Security, pp. 282–292 (2010). https://doi.org/10.1145/1755688.1755723

  16. Vijayakumar, P., Bose, S., Kannan, A.: Chinese remainder theorem based centralized group key management for secure multicast communication. J. IET Inf. Secur. 1–9 (2013). https://doi.org/10.1049/iet-ifs.2012.0352

  17. Liu, X., Zhang, Y., Wang, B., Yan, J.: Mona: secure multi-owner data sharing for dynamic groups in the cloud. IEEE Trans. Parallel Distrib. Syst. 24(6), 1182–1191 (2013). https://doi.org/10.1109/TPDS.2012.331

    Article  Google Scholar 

  18. Zhou, L., Varadharajan, V., Hitchens, M.: Achieving secure role-based access control on encrypted data in cloud storage. IEEE Trans. Inf. Forensics Secur. 8(12), 1947–1960 (2013). https://doi.org/10.1109/TIFS.2013.2286456

  19. Zou, X., Dai, Y., Bertino, E.: A practical and flexible key management mechanism for trusted collaborative computing. In: The 27th IEEE Conference on Computer Communications, INFOCOM 2008, pp. 1211–1219 (2008). https://doi.org/10.1109/INFOCOM.2008.102

Download references

Author information

Authors and Affiliations

  1. University College of Engineering Tindivanam, Melpakkam, Tindivanam, 604001, Tamil Nadu, India

    S. Milton Ganesh, Vijayakumar Pandi & L. Jegatha Deborah

  2. Department of Computer and Information Sciences, Fordham University, Bronx, NY, 10458, USA

    Md. Zakirul Alam Bhuiyan

Authors
  1. S. Milton Ganesh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vijayakumar Pandi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. L. Jegatha Deborah
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Md. Zakirul Alam Bhuiyan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to S. Milton Ganesh .

Editor information

Editors and Affiliations

  1. Guangzhou University, Guangzhou, China

    Guojun Wang

  2. Edith Kinney Gaylord Presidential Professor, University of Oklahoma, Norman, Oklahoma, USA

    Mohammed Atiquzzaman

  3. Aalto University, Espoo, Finland

    Zheng Yan

  4. University of Texas at San Antonio, San Antonio, Texas, USA

    Kim-Kwang Raymond Choo

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Milton Ganesh, S., Pandi, V., Jegatha Deborah, L., Bhuiyan, M.Z.A. (2017). Attacks on the Anti-collusion Data Sharing Scheme for Dynamic Groups in the Cloud. In: Wang, G., Atiquzzaman, M., Yan, Z., Choo, KK. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2017. Lecture Notes in Computer Science(), vol 10658. Springer, Cham. https://doi.org/10.1007/978-3-319-72395-2_42

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-72395-2_42

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-72394-5

  • Online ISBN: 978-3-319-72395-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation