scispace - formally typeset
Topic

Client-side encryption

About: Client-side encryption is a(n) research topic. Over the lifetime, 3734 publication(s) have been published within this topic receiving 82657 citation(s).
Papers
More filters

Proceedings ArticleDOI
20 May 2007-
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Abstract: In several distributed systems a user should only be able to access data if a user posses a certain set of credentials or attributes. Currently, the only method for enforcing such policies is to employ a trusted server to store the data and mediate access control. However, if any server storing the data is compromised, then the confidentiality of the data will be compromised. In this paper we present a system for realizing complex access control on encrypted data that we call ciphertext-policy attribute-based encryption. By using our techniques encrypted data can be kept confidential even if the storage server is untrusted; moreover, our methods are secure against collusion attacks. Previous attribute-based encryption systems used attributes to describe the encrypted data and built policies into user's keys; while in our system attributes are used to describe a user's credentials, and a party encrypting data determines a policy for who can decrypt. Thus, our methods are conceptually closer to traditional access control methods such as role-based access control (RBAC). In addition, we provide an implementation of our system and give performance measurements.

3,825 citations


4


Proceedings ArticleDOI
30 Oct 2006-
TL;DR: This work develops a new cryptosystem for fine-grained sharing of encrypted data that is compatible with Hierarchical Identity-Based Encryption (HIBE), and demonstrates the applicability of the construction to sharing of audit-log information and broadcast encryption.
Abstract: As more sensitive data is shared and stored by third-party sites on the Internet, there will be a need to encrypt data stored at these sites. One drawback of encrypting data, is that it can be selectively shared only at a coarse-grained level (i.e., giving another party your private key). We develop a new cryptosystem for fine-grained sharing of encrypted data that we call Key-Policy Attribute-Based Encryption (KP-ABE). In our cryptosystem, ciphertexts are labeled with sets of attributes and private keys are associated with access structures that control which ciphertexts a user is able to decrypt. We demonstrate the applicability of our construction to sharing of audit-log information and broadcast encryption. Our construction supports delegation of private keys which subsumesHierarchical Identity-Based Encryption (HIBE).

3,765 citations


Journal ArticleDOI
TL;DR: Use of encryption to achieve authenticated communication in computer networks is discussed and example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee.
Abstract: Use of encryption to achieve authenticated communication in computer networks is discussed. Example protocols are presented for the establishment of authenticated connections, for the management of authenticated mail, and for signature verification and document integrity guarantee. Both conventional and public-key encryption algorithms are considered as the basis for protocols.

2,622 citations


Book ChapterDOI
25 Jan 2010-
TL;DR: This work considers the problem of building a secure cloud storage service on top of a public cloud infrastructure where the service provider is not completely trusted by the customer and describes several architectures that combine recent and non-standard cryptographic primitives to achieve this goal.
Abstract: We consider the problem of building a secure cloud storage service on top of a public cloud infrastructure where the service provider is not completely trusted by the customer We describe, at a high level, several architectures that combine recent and non-standard cryptographic primitives in order to achieve our goal We survey the benefits such an architecture would provide to both customers and service providers and give an overview of recent advances in cryptography motivated specifically by cloud storage

1,271 citations


Proceedings ArticleDOI
13 Jun 2004-
TL;DR: This work presents an order-preserving encryption scheme for numeric data that allows any comparison operation to be directly applied on encrypted data, and is robust against estimation of the true value in such environments.
Abstract: Encryption is a well established technology for protecting sensitive data. However, once encrypted, data can no longer be easily queried aside from exact matches. We present an order-preserving encryption scheme for numeric data that allows any comparison operation to be directly applied on encrypted data. Query results produced are sound (no false hits) and complete (no false drops). Our scheme handles updates gracefully and new values can be added without requiring changes in the encryption of other values. It allows standard databse indexes to be built over encrypted tables and can easily be integrated with existing database systems. The proposed scheme has been designed to be deployed in application environments in which the intruder can get access to the encrypted database, but does not have prior domain information such as the distribution of values and annot encrypt or decrypt arbitrary values of his choice. The encryption is robust against estimation of the true value in such environments.

1,226 citations


Network Information
Related Topics (5)
Intrusion detection system

28.4K papers, 509.5K citations

92% related
Access control

32.6K papers, 475K citations

91% related
Denial-of-service attack

10.2K papers, 157.8K citations

91% related
Cloud testing

9.9K papers, 216.1K citations

90% related
Network security

23.9K papers, 349.5K citations

90% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
20213
202010
20198
201841
2017291
2016460

Top Attributes

Show by:

Topic's top 5 most impactful authors

Willy Susilo

8 papers, 324 citations

Sara Foresti

5 papers, 171 citations

Florian Kerschbaum

5 papers, 340 citations

Yevgeniy Dodis

4 papers, 228 citations

Khin Mi Mi Aung

4 papers, 53 citations