Abstract
These days, vicious globally playing enterprises and various culprits try to exploit individuals’ sensitive data whenever opportunities arise. Public clouds and private users with low (or even no) security awareness facilitate such malefactions. On account of this, a rational data owner’s trust in public clouds should reach the level semi-honest or semi-honest-but-curious at best due to their uncertainty of the location(s) of their data respectively of undesired access on them. The homomorphic cryptosystem SecureString 3.0 remedies to recapture the cloud users’ faith in secure cloud computing on encrypted character strings by combining the paradigms blind computing and secret sharing. While existing literature already covers the principles of SecureString 3.0, herein, the adduced implementation details of this cryptosystem given in pseudocode allow researchers to realize their own prototypes and practitioners to integrate SecureString 3.0 in their own security solutions. Decent security and performance analyses prove the applicability of this cryptosystem in the field, e.g., for secure instant messaging sifters.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abdalla M, Bellare M (2000) Increasing the lifetime of a key: a comparative analysis of the security of re-keying techniques. In: OkamotoT (ed) Advances in Cryptology ASIACRYPT 2000. Lecture notes in computer science, vol. 1976. Springer, Berlin, Heidelberg, pp 546–559. https://dx.doi.org/10.1007/3-540-44448-3_42
Anderson RJ (2008) Security engineering—a guide to building dependable distributed systems, 2nd ed. Wiley. https://www.cl.cam.ac.uk/~rja14/book.html
Bauer FL (2010) Decrypted Secrets: methods and maxims of cryptology, 4th edn. Springer Publishing Company. https://dx.doi.org/10.1007/978-3-540-48121-8
Blum M, Micali S (1984) How to generate cryptographically strong sequences of pseudorandom bits. SIAM J Comput 13(4):850–864. https://dx.doi.org/10.1137/0213053
Chai Q, Gong G (2012) Verifiable symmetric searchable encryption for semi-honest-but-curious cloud servers. In: 2012 IEEE International Conference on Communications (ICC), pp 917–922, jun 2012. https://dx.doi.org/10.1109/ICC.2012.6364125
Elgaby M (2013) Computing on confidential character strings in an enhanced SIP-framework. Master’s thesis, University of Hagen. https://dx.doi.org/10.13140/2.1.2059.4241
Fahrnberger G (2013) Computing on encrypted character strings in clouds. In: Hota, C., Srimani, P.K. (eds) Distributed computing and internet technology. Lecture notes in computer science, vol 7753. Springer, Berlin, pp 244–254. https://dx.doi.org/10.1007/978-3-642-36071-8_19
Fahrnberger G (2013) Securestring 2.0— a cryptosystem for computing on encrypted character strings in clouds. In: Eichler G, Gumzej R (eds) Networked information systems. Fortschritt-Berichte Reihe 10, vol 826, pp. 226–240. VDI Düsseldorf, Jun 2013. https://dx.doi.org/10.13140/RG.2.1.4846.7521/3
Fahrnberger G (2014) A second view on securestring 2.0. In: Natarajan R (ed) Distributed computing and internet technology. Lecture notes in computer science, vol 8337. Springer International Publishing, pp 239–250. https://dx.doi.org/10.1007/978-3-319-04483-5_25
Fahrnberger G (2014) SIMS: a comprehensive approach for a secure instant messaging sifter. In: 2014 IEEE 13th international conference on Trust, Security and Privacy in Computing and Communications (TrustCom), Sep 2014, pp 164–173. https://dx.doi.org/10.1109/TrustCom.2014.25
Fahrnberger G (2015) Repetition pattern attack on multi-word-containing securestring 2.0 objects. In: Natarajan R, Barua G, Patra MR (eds) Distributed computing and internet technology. Lecture notes in computer science, vol 8956. Springer International Publishing, pp 265–277. https://dx.doi.org/10.1007/978-3-319-14977-6_26
Fahrnberger G, Heneis K (2015) Securestring 3.0—a cryptosystem for blind computing on encrypted character strings. In: Natarajan R, Barua G, Patra MR (eds) Distributed computing and internet technology. Lecture notes in computer science, vol 8956. Springer International Publishing, pp 331–334. https://dx.doi.org/10.1007/978-3-319-14977-6_33
Fahrnberger G, Nayak D, Martha VS, Ramaswamy S (2014) Safechat: a tool to shield children’s communication from explicit messages. In: 2014 14th International Conference on Innovations for Community Services (I4CS), Jan 2014, pp 80–86. https://dx.doi.org/10.1109/I4CS.2014.6860557
Ferguson N, Schneier B (2003) Practical cryptography. Wiley
Freitag D (2013) Erweiterung eines SMPP-Frameworks zur sicheren Verarbeitung vertraulicher Zeichenketten. Master’s thesis, University of Hagen. https://dx.doi.org/10.13140/2.1.4680.8641
Gentry C (2009) A fully homomorphic encryption scheme. Ph.D. thesis, Stanford University, Stanford, CA, USA. http://crypto.stanford.edu/craig/craig-thesis.pdf
Halang WA, Komkhao M, Sodsee S (2014) Secure cloud computing. In: Boonkrong S, Unger H, Meesad P (eds) Recent advances in information and communication technology. Advances in intelligent systems and computing, vol 265, May 2014. Springer International Publishing, pp 305–314. https://dx.doi.org/10.1007/978-3-319-06538-0_30
ISO/IEC 10116:2006 (2006) Information technology—security techniques—modes of operation for an n-bit block cipher. International Organization for Standardization. https://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=38761
Menezes AJ, Vanstone SA, (1996) Oorschot P.C.v.: Handbook of applied cryptography, 1st edn. CRC Press, Inc., Boca Raton, Florida, USA. http://cacr.uwaterloo.ca/hac
Morris R, Thompson K (1979) Password security: a case history. Commun ACM 22(11):594–597. https://dx.doi.org/10.1145/359168.359172
Nayak D, Swamy M, Ramaswamy S (2013) Supporting location information privacy in mobile devices. In: Hota C, Srimani P (eds) Distributed computing and internet technology. Lecture notes in computer science, vol 7753. Springer, Berlin, pp 361–372. https://dx.doi.org/10.1007/978-3-642-36071-8_28
Örencik C, Savas E (2014) An efficient privacy-preserving multi-keyword search over encrypted cloud data with ranking. Distrib Parallel Databases 32(1):119–160. https://dx.doi.org/10.1007/s10619-013-7123-9
Paillier P (1592) Public-key cryptosystems based on composite degree residuosity classes. In: Stern J (ed) Advances in cryptology EUROCRYPT 99. Lecture notes in computer science, vol 1592. Springer, Berlin, pp 223–238. https://dx.doi.org/10.1007/3-540-48910-X_16
Petit C, Standaert FX, Pereira O, Malkin TG, Yung M (2008) A block cipher based pseudo random number generator secure against side-channel key recovery. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security. ASIACCS’08, ACM, New York, NY, USA, pp 56–65. https://dx.doi.org/10.1145/1368310.1368322
Rivest RL, Shamir A, Adleman L (1878) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126. https://dx.doi.org/10.1145/359340.359342
Acknowledgements
Many thanks to Bettina Baumgartner from the University of Vienna for proofreading this contribution!
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer Science+Business Media Singapore
About this chapter
Cite this chapter
Fahrnberger, G. (2016). A Detailed View on SecureString 3.0. In: Chakrabarti, A., Sharma, N., Balas, V. (eds) Advances in Computing Applications. Springer, Singapore. https://doi.org/10.1007/978-981-10-2630-0_7
Download citation
DOI: https://doi.org/10.1007/978-981-10-2630-0_7
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-2629-4
Online ISBN: 978-981-10-2630-0
eBook Packages: Computer ScienceComputer Science (R0)