Abstract

The emergence of cloud computing and IoT has made effective and secure cryptographic schemes essential for sharing data online. To protect sensitive data, data owners must encrypt files before storing them online and grant decryption rights to authorized users. A novel approach, the Key Aggregate Cryptosystem (KAC), enables users to decrypt multiple types of data with a single constant-size key, enhancing efficiency. In this article, the Efficient Revocable & Dynamic Secure Aggregate Key Cryptosystem Approach (ERDSAKCA) is tailored for cloud environments. This strategy not only simplifies key management through KAC but also allows dynamic user revocation by updating the ciphertext, so that revoked users cannot access new data while non-revoked users retain access without updating their private keys. The scheme also incorporates a verification mechanism to ensure that user revocation and ciphertext updates are carried out correctly. Compared to existing schemes, ERDSAKCA effectively manages user access control and user revocation and reduces the costs associated with key management and storage. Lastly, the scheme is shown to be selectively chosen-plaintext secure in the standard model, offering strong protection against cryptographic attacks.

Keywords

Aggregate Key Cryptosystem, Secure Data Sharing, Semantic Security Mechanism, Dynamic Access Control Policy, Attribute Based Encryption
