Elom Tsiagbey
Cryptanalysis of Cloud-based Computing
Overview
• Introduction
• Recent threats to cloud computing
• Key Management models
What is Cloud Computing?
Shared resources, software, and data provided to computers and other devices as a service over a network
How safe is the cloud?
• In 2008, Heartland Payments was hacked to steal 100 million credit card records
• In 2009, the Zeus keylogger Trojan was found on the Amazon cloud, linked to $100 million in bank fraud
• In 2011, the Sony PlayStation Network was hacked to obtain sensitive data of 77 million subscribers stored in Amazon’s EC2 cloud
How are Encryption and Key Management handled?
Leading Key Management models
• Key management through a centralized cloud service
• Key management through a trusted client-side authority
Centralized cloud service key management
• Based on Identity Based Encryption (IBE)
• The cloud is the central authority and manages a single key store serving all users.
• The cloud acts as an authenticator with the help of a “Controller” based on an Access Control List
• Data on the cloud is divided into data partitions, each encrypted with a different key
Centralized Key Management – Bilinear Maps
• Let G1, G2, and GT be groups of the same order p
• A bilinear map from G1 × G2 to GT is a function e : G1 × G2 → GT such that for all u ∈ G1, v ∈ G2, a, b ∈
Centralized Key Management – Key generation
The Public Key Generator (PKG) is the Cloud Provider, which specifies:
• A group generator g, producing groups G and F of prime order q
• A bilinear pairing e : G × G → F
• Random hash functions H1 : {0,1}* → G and H2 : F → {0,1}^l, where l is the length of the plaintext
• A random master secret key SKM ∈ Z*q
• A public master key PKM, calculated from SKM and shared with all users: PKM = SKM × g
• The PKG also shares the key-related parameters G, F, H1, H2 and PKM with the authorized user set.
Centralized Key Management – Encryption
• Alice obtains PKM from the cloud provider
• Suppose Alice wants to share a particular data partition in the cloud; Alice also requests the global identifier IDP for that partition
• Alice then encrypts her message m ∈ {0,1}^l into the ciphertext CP using combinations of PKM, IDP and a random integer r:
U = rg
V = H2(e(QID, PKM)^r) ⊕ m, where QID = H1(IDP)
• Alice then uploads the ciphertext CP = (U, V) to the cloud provider.
Centralized Key Management – Decryption
• Bob authenticates with the cloud provider and requests the secret key SKP for a data partition:
SKP = SKM × QID, where QID = H1(IDP)
• Bob then downloads the message and decrypts it using the SKP obtained above:
m = V ⊕ H2(e(SKP, U))
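Why Bob’s decryption returns Alice’s m (an added derivation, not on the original slides; it relies on the bilinearity of the pairing, e(a·P, b·Q) = e(P, Q)^{ab}, with the slides’ own symbols):

$$
e(SK_P, U) = e(SK_M \cdot Q_{ID},\; r \cdot g) = e(Q_{ID}, g)^{SK_M \cdot r} = e(Q_{ID}, SK_M \cdot g)^{r} = e(Q_{ID}, PK_M)^{r}
$$

$$
V \oplus H_2(e(SK_P, U)) = \big(H_2(e(Q_{ID}, PK_M)^{r}) \oplus m\big) \oplus H_2(e(Q_{ID}, PK_M)^{r}) = m
$$

The same identity is the trust problem listed under Challenges below: whoever holds SK_M can form SK_P = SK_M · Q_ID for any partition identifier and decrypt every partition.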
Centralized Key Management – Benefits
• Relatively straightforward – communication is only between the cloud provider and the user; no additional networks are required.
• Unnecessary and expensive pre-distribution of authenticated keys is avoided, as the cloud generates the keys
Centralized Key Management – Challenges
• Trust – the cloud generates and stores all private keys, hence it has the ability to decrypt all data
• The cloud-based authenticator is a critical point of failure if attacked or during a power failure, e.g. the Twitter outage in Feb 2008
• Clients’ data can be compromised through law enforcement or court order without their knowledge/consent
• Lots of computational tasks (key generation, authentication, key requests)
Multi-level Key management
• A dedicated directory stores the key parameters used to generate secret keys. This aids readier dissemination to users
• The key store is managed by users, who are segmented into groups
• A trusted intermediary called a manager is responsible for user authentication within each group, using an ACL to verify group membership
Multi-level Key Management – Key Generation
• The Manager constructs an Access Control Polynomial A(x):
A(x) = ∏_{i ∈ UP} (x − h(SKi, r))
where SKi = secret key assigned to each member i in group UP and h(SKi, r) = hash function with random integer r
• A public polynomial key P(x) is then calculated from a random group key SKP: P(x) = A(x) + SKP
For example, for Alice (A) and Bob (B) in group UP with secret keys (issued by the manager) SKA and SKB: PUP(x) = (x − h(SKA, r))(x − h(SKB, r)) + SKP
• The manager then uploads the tuple (r, PUP(x)), representing the key parameters, to the cloud and stores it in the public directory
Multi-level Key Management – Encryption
• Alice has access to data partition P and reads the tuple from it
• Alice then generates the partition access key SKP by computing the hash of her own secret key SKA and substituting it into the public polynomial:
SKP = PUP(h(SKA, r))
• Alice then encrypts the message with SKP, authenticates with the cloud and stores the ciphertext in partition P
Multi-level Key Management – Decryption
• Bob generates the partition access key SKP using the same approach as Alice: SKP = PUP(h(SKB, r))
Multi-level Key Management – Key re-generation
• Assume a 3rd user, Charlie, joins group UP; a new, modified ACP A’(x) is created:
A’(x) = A(x) (x − h(SKC, r))
P’UP(x) = A’(x) + SKP
The new tuple (r, P’UP(x)) is uploaded to the cloud.
• A and B are already in possession of SKP, hence they don’t need to obtain the tuple above
• Suppose C leaves the group UP. A new random group key SK’P and integer r’ are selected:
P’’UP(x) = A’(x) + SK’P
The new tuple (r’, P’’UP(x)) is uploaded to the cloud.
• The manager needs to re-encrypt all existing data under SK’P for the new set of authorized users to gain access
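The ACP construction and the join/leave steps above, as an added Python example (not the presenter’s code). It assumes polynomial arithmetic over a prime field mod Q and instantiates h(SK_i, r) as SHA-256 of SK_i concatenated with r; the member secrets and SK_P values are constructed sample data.

```python
import hashlib

# Coefficient field for the polynomial arithmetic (an assumption: the slides fix no field).
Q = 2**127 - 1

def h(sk: bytes, r: int) -> int:
    """h(SK_i, r): hash of a member's secret key together with the public random integer r."""
    return int.from_bytes(hashlib.sha256(sk + r.to_bytes(16, "big")).digest(), "big") % Q

def poly_mul(a: list, b: list) -> list:
    """Multiply two polynomials given as coefficient lists (lowest degree first), mod Q."""
    out = [0] * (len(a) + len(b) - 1)
    for i, ca in enumerate(a):
        for j, cb in enumerate(b):
            out[i + j] = (out[i + j] + ca * cb) % Q
    return out

def poly_eval(p: list, x: int) -> int:
    """Evaluate P(x) mod Q by Horner's rule."""
    acc = 0
    for c in reversed(p):
        acc = (acc * x + c) % Q
    return acc

def build_tuple(member_keys: list, sk_p: int, r: int) -> tuple:
    """Manager side: A(x) = prod_i (x - h(SK_i, r)), P(x) = A(x) + SK_P; returns (r, P(x))."""
    a = [1]
    for sk in member_keys:
        a = poly_mul(a, [(-h(sk, r)) % Q, 1])  # multiply in the factor (x - h(SK_i, r))
    p = a[:]
    p[0] = (p[0] + sk_p) % Q  # adding SK_P only shifts the constant term
    return r, p

def derive_group_key(sk_i: bytes, key_tuple: tuple) -> int:
    """Member side: SK_P = P(h(SK_i, r)). A(x) vanishes at a member's root, so P returns SK_P;
    a non-member evaluates P at a non-root and gets an unrelated field element."""
    r, p = key_tuple
    return poly_eval(p, h(sk_i, r))

if __name__ == "__main__":
    # Constructed sample secrets for Alice, Bob and Charlie (not real keys).
    sk_a, sk_b, sk_c = b"alice-secret-key", b"bob-secret-key--", b"charlie-secret--"
    t_ab = build_tuple([sk_a, sk_b], sk_p=0x5EC12E7, r=41)
    print("Alice recovers SK_P:", derive_group_key(sk_a, t_ab) == 0x5EC12E7)
    print("Charlie (outsider) recovers SK_P:", derive_group_key(sk_c, t_ab) == 0x5EC12E7)
```

A member who has left still holds the old SK_P and can still evaluate the old tuple, which is exactly why the slides require re-encryption of existing data after revocation.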
Multi-level key management – Benefits
• Trusted managers outside the cloud domain manage the keys
• Each manager handles authentication for a limited set of users, hence communication with the cloud is reduced
• Use of symmetric keys allows users to perform quicker encryption operations on cloud data
• Efficiently handles changes in group membership through the parameter directory
Multi-level key management – Challenges
• Origin and authenticity of message cannot be guaranteed
• Does not cater for re-encryption of data when a user’s access rights are revoked
Conclusion – Proposed key model
• A new key management model is proposed
• The highly scalable cloud is leveraged to perform the required re-encryption task
• The manager still exists in the scenario, playing the role of key coordinator to current users, and the secret group key is never shared with the cloud.
• A re-encryption key based on the latest version of the private partition key is generated by the manager and provided to the cloud for re-encryption