research-article

Deniable cloud storage: sharing files via public-key deniability

Authors:

Giuseppe Ateniese,

Marina BlantonAuthors Info & Claims

WPES '10: Proceedings of the 9th annual ACM workshop on Privacy in the electronic society

Pages 31 - 42

https://doi.org/10.1145/1866919.1866925

Published: 04 October 2010 Publication History

Abstract

Cloud computing provides users with ample computing resources, storage, and bandwidth to meet their computing needs, often at minimal cost. As such services become popular and available to a larger body of users, security mechanisms become an integral part of them. Conventional means for protecting data privacy, such as encryption, can protect communication and stored data from unauthorized access including the service provider itself. Such tools, however, are not sufficient against powerful adversaries who can force users into opening their encrypted content. In this work we introduce the concept of deniable cloud storage that guarantees privacy of data even when one's communication and storage can be opened by an adversary. We show that existing techniques and systems do not adequately solve this problem. We design the first sender-and-receiver deniable public-key encryption scheme that is both practical and is built from standard tools. Furthermore, we treat practical aspects of user collaboration and provide an implementation of a deniable shared file system, DenFS.

References

[1]

}}R. Anderson, R. Needham, and A. Shamir. The Steganographic File System. International Workshop on Information Hiding, pages 73--82, 1998.

[2]

}}M. Armbrust, A. Fox, R. Griffith, A. D. Joseph, R. H. Katzand, A. Konwinski, G. Lee, D. A. Patterson, A. Rabkin, I. Stoica, and M. Zaharia. Above the Clouds: A Berkeley View of Cloud Computing. Technical Report UCB/EECS-2009-28, EECS Department, University of California, Berkeley, Feb 2009.

[3]

}}Mihir Bellare and Phillip Rogaway. Optimal Asymmetric Encryption. EUROCRYPT'94, pages 92--111, 1994.

[4]

}}Bonnie++: a free and open source filesystem benchmark. http://www.coker.com.au/bonnie++/.

[5]

}}E. Bresson, D. Catalano, and D. Pointcheval. A Simple Public-Key Cryptosystem with a Double Trapdoor Decryption Mechanism and Its Applications. In Advances in Cryptology - ASIACRYPT'03, pages 37--54, 2003.

[6]

}}R. Canetti, C. Dwork, M. Naor, and R. Ostrovsky. Deniable Encryption. In Adnvances in Cryptology - CRYPTO'97, volume 1294 of LNCS, pages 90--104, 1997.

Digital Library

[7]

}}R. Canetti, S. Halevi, and J. Katz. A Forward-Secure Public-Key Encryption Scheme. Journal of Cryptology, 20(3):265--294, 2007.

Digital Library

[8]

}}A. Czeskis, D. J. St. Hilaire, K. Koscher, S. D. Gribble, T. Kohno, and B. Schneier. Defeating Encrypted and Deniable File Systems: TrueCrypt v5.1a and the Case of the Tattling OS and Applications. In USENIX Workshop on Hot Topics in Security (HotSec'08), 2008.

Digital Library

[9]

}}I. Damgard and M. Jurik. A Generalisation, a Simplification and some Applications of Paillier's Probabilistic Public-Key System. In Public Key Cryptography (PKC'01), pages 119--136, 2001.

Digital Library

[10]

}}Filesystem in Userspace. http://fuse.sourceforge.net/.

[11]

}}C. Gentry and A. Silverberg. Hierarchical ID -based cryptography. In ASIACRYPT'02, pages 548--566, 2002.

Digital Library

[12]

}}J. Horwitz and B. Lynn. Toward Hierarchical Identity-Based Encryption. In Advances in Cryptology - EUROCRYPT'02, pages 466--481, 2002.

Digital Library

[13]

}}M. Ibrahim. A Method for Obtaining Deniable Public-key Encryption. International Journal of Network Security, 8(1):1--9, 2009.

[14]

}}M. Ibrahim. Receiver-deniable Public-key Encryption. International Journal of Network Security, 8(2):159--165, 2009.

[15]

}}A. Kiayias and M. Yung. Efficient Secure Group Signatures with Dynamic Joins and Keeping Anonymity Against Group Managers. In Progress in Cryptology - Mycrypt'05, pages 151--170, 2005.

Digital Library

[16]

}}M. Klonowski, P. Kubiak, and M. Kutylowski. Practical Deniable Encryption. In SPFSEM'08, volume 4910 of LNCS, pages 599--609, 2008.

Digital Library

[17]

}}B. Meng and J. Wang. A Receiver Deniable Encryption Scheme. In International Symposium on Information Processing (ISIP'09), 2009.

[18]

}}N. Mirzaei. Cloud Computing. Technical report, Indiana University, 2008.

[19]

}}P. Paillier. Public-key Cryptosystems Based on Composite Degree Residuosity Classes. In Advances in Cryptology - EUROCRYPT'99, pages 223--238, 1999.

Digital Library

[20]

}}H. Pang, K. Tan, and X. Zhou. StegFS: A Steganographic File System. In International Conference on Data Engineering (ICDE'03), page 657, 2003.

[21]

}}S. Pearson. Taking Account of Privacy when Designing Cloud Computing Services. In ICSE Workshop on Software Engineering Challenges of Cloud Computing (CLOUD '09), pages 44--52, 2009.

Digital Library

[22]

}}Amazon S3. http://aws.amazon.com/s3/.

[23]

}}Rubberhose Project. http://iq.org/~proff/rubberhose.org/.

[24]

}}Dropbox. http://www.dropbox.com/.

[25]

}}Truecrypt. http://www.truecrypt.org/.

[26]

}}TrueCrypt Hidden Volumes. http://www.truecrypt.org/hiddenvolume.

[27]

}}The OpenSSL Project website. http://www.openssl.org/.

[28]

}}M. Vouk. Cloud Computing: I ssues, Research and Implementations. In International Conference on Information Technology Interfaces (ITI'08), pages 31--40, 2008.

[29]

}}Wired: "Spam Suspect Uses Google Docs; FBI Happy". http://www.wired.com/threatlevel/2010/04/cloud-warrant/.

[30]

}}D. Yao, N. Fazio, Y. Dodis, and A. Lysyanskaya. ID-based Encryption for Complex Hierarchies with Applications to Forward Security and Broadcast Encryption. In ACM Conference on Computer and Communications Security (CCS'04), pages 354--363, 2004.

Digital Library

[31]

}}X. Zhou, H. Pang, and K. Tan. Hiding Data Accesses in Steganographic File System. In International Conference on Data Engineering (ICDE'04), page 572, 2004.

Digital Library

Cited By

Sandeepthi BWisely Joe JPreethy Rebecca P(2024)Ensuring Audit-Free Cloud Using CFF with AES-SHA in Cloud ComputingFourth Congress on Intelligent Systems10.1007/978-981-99-9043-6_15(177-185)Online publication date: 27-Mar-2024
https://doi.org/10.1007/978-981-99-9043-6_15
Ahmad SRass SSchartner P(2023)False-Bottom Encryption: Deniable Encryption From Secret SharingIEEE Access10.1109/ACCESS.2023.328828511(62549-62564)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3288285
Lin ZLiu TChi P(2023)LED: Learnable Encryption with DeniabilityNew Trends in Computer Technologies and Applications10.1007/978-981-19-9582-8_57(649-660)Online publication date: 10-Feb-2023
https://doi.org/10.1007/978-981-19-9582-8_57
Show More Cited By

Index Terms

Deniable cloud storage: sharing files via public-key deniability
1. Security and privacy
  1. Cryptography
    1. Public key (asymmetric) techniques
      1. Public key encryption

Recommendations

Deniable encryptions secure against adaptive chosen ciphertext attack
ISPEC'12: Proceedings of the 8th international conference on Information Security Practice and Experience

The deniable encryption is a type of encryption which can hide the true message while revealing a fake one. Even if the sender or the receiver is coerced to show the plaintext and the used random numbers in encryption, a deniable encryption scheme ...
Deniable Searchable Symmetric Encryption

In the recent years, Searchable Symmetric Encryption (SSE) has become one of the hottest topic in cloud-computing area because of its availability and flexibility, and there are a series of SSE schemes were proposed. The adversary considered in these ...
Deniable Functional Encryption
Proceedings, Part I, of the 19th IACR International Conference on Public-Key Cryptography --- PKC 2016 - Volume 9614

Deniable encryption, first introduced by Canetti et al. [14], allows a sender and/or receiver of encrypted communication to produce fake but authentic-looking coins and/or secret keys that "open" the communication to a different message. Here we ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WPES '10: Proceedings of the 9th annual ACM workshop on Privacy in the electronic society

October 2010

136 pages

ISBN:9781450300964

DOI:10.1145/1866919

General Chair:
Ehab Al-Shaer
University of North Carolina, Charlotte, USA
,
Program Chair:
Keith Frikken
Miami University, USA

Copyright © 2010 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 October 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS '10

Sponsor:

SIGSAC

CCS '10: 17th ACM Conference on Computer and Communications Security 2010

October 4, 2010

Illinois, Chicago, USA

Acceptance Rates

Overall Acceptance Rate 106 of 355 submissions, 30%

Upcoming Conference

CCS '24

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 14 - 18, 2024

Salt Lake City , UT , USA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

23
Total Citations
View Citations
718
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to

Other Metrics

View Author Metrics

Citations

Cited By

Sandeepthi BWisely Joe JPreethy Rebecca P(2024)Ensuring Audit-Free Cloud Using CFF with AES-SHA in Cloud ComputingFourth Congress on Intelligent Systems10.1007/978-981-99-9043-6_15(177-185)Online publication date: 27-Mar-2024
https://doi.org/10.1007/978-981-99-9043-6_15
Ahmad SRass SSchartner P(2023)False-Bottom Encryption: Deniable Encryption From Secret SharingIEEE Access10.1109/ACCESS.2023.328828511(62549-62564)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3288285
Lin ZLiu TChi P(2023)LED: Learnable Encryption with DeniabilityNew Trends in Computer Technologies and Applications10.1007/978-981-19-9582-8_57(649-660)Online publication date: 10-Feb-2023
https://doi.org/10.1007/978-981-19-9582-8_57
Chi PWang MChuang Y(2022)A LWE-Based Receiver-Deniable Encryption Scheme2021 International Conference on Security and Information Technologies with AI, Internet Computing and Big-data Applications10.1007/978-3-031-05491-4_13(124-133)Online publication date: 30-Nov-2022
https://doi.org/10.1007/978-3-031-05491-4_13
Chi PWang MShiu H(2020)How to Hide the Real Receiver Under the Cover Receiver: CP-ABE With Policy DeniabilityIEEE Access10.1109/ACCESS.2020.29936888(89866-89881)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.2993688
Chi PWang M(2019)Privacy-Preserving Broker-ABE Scheme for Multiple Cloud-Assisted Cyber Physical SystemsSensors10.3390/s1924546319:24(5463)Online publication date: 11-Dec-2019
https://doi.org/10.3390/s19245463
Wang MChi P(2019)Blurring Political Leanings of Messages on Social Networks Using Deniable SteganographyIEEE Access10.1109/ACCESS.2019.2923975(1-1)Online publication date: 2019
https://doi.org/10.1109/ACCESS.2019.2923975
Jayaraman IMohammed M(2019)Secure Privacy Conserving Provable Data Possession (SPC-PDP) frameworkInformation Systems and e-Business Management10.1007/s10257-019-00417-8Online publication date: 2-Aug-2019
https://doi.org/10.1007/s10257-019-00417-8
Chen CChakraborti ASion R(2018)PD-DM: An efficient locality-preserving block device mapper with plausible deniabilityProceedings on Privacy Enhancing Technologies10.2478/popets-2019-00092019:1(153-171)Online publication date: 24-Dec-2018
https://doi.org/10.2478/popets-2019-0009
Chi PLei C(2018)Audit-Free Cloud Storage via Deniable Attribute-Based EncryptionIEEE Transactions on Cloud Computing10.1109/TCC.2015.24248826:2(414-427)Online publication date: 1-Apr-2018
https://doi.org/10.1109/TCC.2015.2424882
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents