scispace - formally typeset
Search or ask a question
Topic

Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.


Papers
More filters
Journal ArticleDOI
TL;DR: This paper adopts the idea of Provable Data Possession (PDP) sampling auditing algorithm and applies the discrete logarithm problem (DLP) to construct proof and ensure privacy protection in the TPA verification process and proposes a distributed machine learning oriented data integrity verification scheme (DML-DIV).
Abstract: Distributed Machine Learning (DML) is one of the core technologies for Artificial Intelligence (AI). However, in the existing distributed machine learning framework, the data integrity is not taken into account. If network attackers forge the data, modify the data, or destroy the data, the training model in the distributed machine learning system will be greatly affected, and the training results are led to be wrong. Therefore, it is crucial to guarantee the data integrity in the DML. In this paper, we propose a distributed machine learning oriented data integrity verification scheme (DML-DIV) to ensure the integrity of training data. Firstly, we adopt the idea of Provable Data Possession (PDP) sampling auditing algorithm to achieve data integrity verification so that our DML-DIV scheme can resist forgery attacks and tampering attacks. Secondly, we generate a random number, namely blinding factor, and apply the discrete logarithm problem (DLP) to construct proof and ensure privacy protection in the TPA verification process. Thirdly, we employ identity-based cryptography and two-step key generation technology to generate data owner’s public/private key pair so that our DML-DIV scheme can solve the key escrow problem and reduce the cost of managing the certificates. Finally, formal theoretical analysis and experimental results show the security and efficiency of our DML-DIV scheme.

13 citations

Journal ArticleDOI
TL;DR: A thorough survey and examines the state-of-the-art of some traditional ABE as well as multi-authority attribute-based encryption schemes over the past decade and provides design principles of MA-ABE and shows comparisons between existing works on areas as security, performance, and functionality.
Abstract: The introduction of attribute-based encryption (ABE) targets to achieve the implementation of single-to-numerous encryption; however, the sole authority challenge and the issue of distributed management of attributes are bottlenecks to its realization. Multi-authority attribute-based encryption (MA-ABE) where various attribute authorities (which may be independent of each other) control different attribute universe and are involved in the administration of attribute keys for decryption provides the necessary platform to undertake the implementation of fine-grained access regulation over shared data while achieving single-to-numerous encryption. In recent years, research into MA-ABE has seen rapid advancement, and we believe that it is a suitable solution to thwarting the key escrow problem as well as the problem of distributed management of attributes. This paper offers a thorough survey and examines the state-of-the-art of some traditional ABE as well as multi-authority attribute-based encryption schemes over the past decade. Furthermore, the survey gives detailed insights on some essential techniques as well as some classic concretely constructed algorithms. Moreover, we discuss an extension (the different directions) of MA-ABE and its progress since its inception. We also provide design principles of MA-ABE and also show comparisons between existing works on areas as security, performance, and functionality. This paper also discusses several interesting open problems. As far as we can tell, no comparable survey on MA-ABE exists in literature so far.

13 citations

Journal ArticleDOI
Xiaodong Yang1, Meiding Wang1, Ting Li1, Rui Liu1, Caifen Wang1 
TL;DR: This work uses certificateless signature technology to construct a privacy-preserving cloud auditing scheme for multiple users with authorization and traceability and introduces an identity authentication process between the third-party auditor (TPA) and the CSP to prevent the denial of service attack.
Abstract: With the widespread application of cloud storage, users could obtain many conveniences such as low-price data remote storage and flexible data sharing. Considering cloud service provider (CSP) is not full-trusted, lots of cloud auditing schemes are proposed to ensure the shared data security and integrity. However, existing cloud auditing schemes have some security risks, such as user identity disclosure, denial of service attack and single-manager abuse of power. To solve the above issues, we use certificateless signature technology to construct a privacy-preserving cloud auditing scheme for multiple users with authorization and traceability in this paper. Unlike the traditional schemes, our scheme realizes user identity anonymity without group signature and ring signature techniques, which guarantees the tag is compact. Meanwhile, our scheme supports that at least d managers could trace the identity of malicious user collaboratively, which avoids the abuse of single-manager power and provides non-frameability. Furthermore, we introduce an identity authentication process between the third-party auditor (TPA) and the CSP to prevent the denial of service attack. That is, our scheme could solve the problem that anyone can challenge the CSP for the proofs, which averts network congestion and waste of cloud resources. In terms of function, the proposed scheme also supports efficient user revocation from a group. Certificateless cryptography ensures that our scheme does not involve certificate management burden and the key escrow problem. The security analysis shows that our scheme is provably secure against two types of adversaries in the environment of certificateless cryptography. The performance analysis demonstrates that our scheme is efficient

13 citations

Book ChapterDOI
21 Sep 2015
TL;DR: This paper shows how to add accountability to any IBE scheme using oblivious transfer OT, with almost the same ciphertext efficiency as the underlying IBE, and extends the generic construction to support identity reuse without losing efficiency.
Abstract: Identity-Based Encryption IBE provides a compelling solution to the PKI management problem, however it comes with the serious privacy consideration that a trusted party called the PKG is required to generate and hence also know the secret keys of all users. This inherent key escrow problem is considered to be one of the major reasons hindering the wider utilization of IBE systems. In order to address this problem, Goyal [20] introduced the notion of accountable authority IBE A-IBE, in which a judge can differentiate the PKG from the user as the source of a decryption software. Via this "tracing" mechanism, A-IBE deters the PKG from leaking the user's secret key and hence offers a defense mechanism for IBE users against a malicious PKG. All previous works on A-IBE focused on specialized constructions trying to achieve different properties and efficiency enhancements. In this paper for the first time we show how to add accountability to any IBE scheme using oblivious transfer OT, with almost the same ciphertext efficiency as the underlying IBE. Furthermore, we extend our generic construction to support identity reuse without losing efficiency. This property is desirable in practice as users may accidentally lose their secret keys and they -naturally- prefer not to abandon their identities. How to achieve this property was open until our work. Along the way, we first modify the generic construction and develop a new technique to provide public traceability generically.

12 citations


Network Information
Related Topics (5)
Encryption
98.3K papers, 1.4M citations
85% related
Routing protocol
46.5K papers, 901.8K citations
80% related
Wireless ad hoc network
49K papers, 1.1M citations
79% related
Key distribution in wireless sensor networks
59.2K papers, 1.2M citations
78% related
Server
79.5K papers, 1.4M citations
78% related
Performance
Metrics
No. of papers in the topic in previous years
YearPapers
20241
202351
202289
202150
202072
201958