Chapter 5. Threshold Cryptography on Cloud Computing
5.2 The NIST definition of cloud computing
In November 2010, the National Institute of Standards and Technology (NIST) launched the cloud computing technology projects. It is mainly to assist the federal government to adopt cloud computing instead, and to strengthen the traditional information system and the new cloud application model. Meanwhile, the US federal government also supports and assists the NIST to develop relevant standards, as well as the deployment of cloud security architecture and cloud computing. A series of documents and reports were also drafted during the course of projects, including: (1) NIST SP800-145 Cloud Computing Definition16, (2) NIST SP800-146 Cloud
Computing Recommendations53, and (3) NIST SP500-292 Cloud Computing System Architecture54. A wide range aspects of cloud security were focused in the projects, including cloud computing security barriers, cloud computing security measures list, etc. The NIST guidelines and recommendations can be considered as the essential guidelines for the development of cloud security in the future.
Specifically, NIST further explains its definition by outlining the five essential characteristics, three service models, and four deployment models. The five essential characteristics include on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. The three services models discussed in the reports are Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS), while the four deployment models consist of private cloud, community cloud, public cloud, and hybrid cloud.
5.3 Threshold Cryptography on Cloud Computing
Although cloud computing can help companies save a broad range of resources, including hardware (such as equipment and maintenance costs), storage space and computing, security is a critical concern when it comes to the application of cloud computing. The security issues may be discussed from several aspects. First, the security of the server supplier is the primary and crucial concern. It is questionable whether the data can be restored when the server entity storing the data is damaged. In addition, it is greatly concerning whether the stored data is prone to be leaked or destroyed. Moreover, the highly concentrated information will bring convenience to the hackers (the eggs should not be placed in the same basket).
Take some real-world cases as examples. Business.com surveyed through Linkedin, 75% of the 65 respondents believe that "security" is the first consideration of cloud computing. In addition, Gartner surveyed 169 data center managers, and 85% thought that the’securit’ of cloud computing
might be the reason for them to retreat. Similarly, according to the CNN's article, ‘How safe is cloud computing?’, hackers can capture a lot of customer information in clouds. In a nutshell, when one puts more eggs in a single basket, the prize is much bigger for the others.
Some studies have tried to use the threshold cryptography to solve security problems. Those researchers anticipate to be able provide more security to the key used by the secret share schemes.
5.3.1 Threshold cryptography based on data security in cloud computing55 Acronyms and definition
a. DO (Data Owner): the data owner will upload the data to the CSP, so that DO can save the cost of storing and managing the data.
b. CSP (Cloud Service Provider): servers that provide cloud services, such as Amazon's Simple Storage Service (S3) and Elastic Block Store (EBS)
Procedure
Sushil Kr Saroj, Sanjeev Kr Chauhan, Aravendra Kr Sharma, Sundaram Vats, based on the NDAC model, coupled with the technique of threshold cryptography, enabled themselves not only provide the strong data confidentiality but also reduces the number of keys. And because of threshold cryptography, one can avoid collusion attack of malicious users and cloud service provider and heavy computation (due to large number of keys).
In short, as the illustration shown in Figure 3, User requests registration from DO. After DO confirms the identity of User, DO will divide users in groups, and DO will provide encryption keys, tokens, algorithm (MD5) and other necessary things for secure communication to user groups in response of registration. Then DO will transmit the updated Capability List and the file encrypted with 𝑘𝑇 (the symmetric key held by DO and User) to the CSP (this can avoid the CSP from knowing). When User needs the data, he or she will apply to the CSP. After the CSP confirms the
identity of the User based on the Capability List, it will perform a modified Diffle-Hellman exchange with the User. People call it modified DH algorithm as they encrypt the DH parameters using the public key of one side while using nonce in each direction during session key (𝑘𝑆 ) generation and data transfer. This helps to resist any negative attacks during the process. After User receives the file, one will complete the desire decrypt with other users in the group (in addition to the file is encrypted, there is actually the hash value of the file so User can verify the integrity of the file).
In this study, the authors divided all the steps into four algorithms, where the part related to the threshold is in algorithm 4. Algorithm 4, the algorithm for decryption of a file for User 1, is similar to threshold encryption technology, describing the procedure how a file is decrypting for User 1 after acquiring the encrypted message. Because one can't decrypt key alone, he or she first updates the PKS Vector (initially, all its bits are zero) with the key component, and then sends the PKS Vector and the encrypted message to the next user in the same group. Next user decrypts the message and updates the PKS Vector with his key component. This process continues until all bits of PKS Vector are one. It is clear to see that the application is not used by all key components (threshold for critical components only). Afterwards, the data is sent back to the originator user, who then decrypts the message and gets it. Initially, User 1 will not decrypt the message (M).
Figure 3
Instead, User 1 will only update the PKS Vector.
5.3.2 A secured key for cloud computing using threshold cryptography in Kerberos56 Acronyms and definition
a. Kerberos: is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using Symmetric-key algorithm. A free implementation of this protocol is available from the Massachusetts Institute of Technology.
b. Authentication Sever (AS): is responsible for providing Ticket Granting Ticket (TGT) to the client. After AS confirms the identity of the client, AS encrypts TGT with the client's private key and sends it to the user.
c. Ticket Granting Sever (TGS): is responsible for providing Service Ticket (ST) to client.
Client will hand over the TGT that he got from the AS to the TGS. After the TGT is verified, the ST will be handed over to client.
Procedure
This paper proposed a cloud computing authentication model based on Kerberos protocol, which uses threshold cryptography technology to provide higher security and improve key availability. This model can also benefit by filtering unauthenticated access and reducing the computational and storage resources that cloud providers spend on each customer's identity authentication. It acts as a third party between the client and the cloud server to allow authorized and secure access to the cloud service. In Kerberos authentication, the main issue is how to prove an individual’s true identity. For example, when a client accesses a service on a server, how does the server determine if the client has access to the service on its own host.
Due to the fact that all the authentication processes are controlled by a centralized key distribution center, once the system is compromised, it is easy for an attacker to gain information
about the user's key. To avoid such situation, threshold encryption algorithm was applied in the study to divide the ticket into n shares and delivers it to the server, so that the key cannot be cracked until the number of votes for the threshold value is obtained.
Figure 4
Figure 5
5.3.3 Searching for the optimal value for threshold on cloud computing57
In the scope of cloud computing, threshold cryptography can help to increase security by protecting the key. Dividing the key into n copies can reduce the risk of the key being lost cracked by the attacker. Moreover, n people (every combination will only use k, k < n) use the assigned key component to combine only one key, which greatly reduces the burden of keys storage.
However, when it comes to the research on threshold cryptography, there is barely discussion related to the question of ’If n is fixed, how much k should be selected’. Therefore, Weena Janratchakool, Sirapat Boonkrong and Sucha Smanchat used CloudSim to simulate cloud environment and collect time consumed in key distribution and key reconstruction process to achieve the optimal threshold value. The key size used in the experiment will be only 2048-bit private keys according to the NIST recommendation.
First, n = 256, n = 224, and n = 196 were fixed respectively. When the number of threshold (that is, k) is gradually increased, the Key Distribution Time will increase. According to experiment conducted in the study, however, the results of Key Distribution Time showed little discrepancies, which were linearly increased and the gaps among the three results were small. Therefore, only the Average of Key Distribution Time was considered in the following analysis in the study.
Next, concerning what happens to the key reconstruction time when k is gradually increased under different n, the curves obtained from the two experiments were considered as intersections, and the researchers indicated that the part of the intersection was the best k. According to the experimental results, the best k was nearly 31% of n.
Although the authors were not convinced by the route of how to get the best k, the research on searching for the best k is expected in the future since it is increasing promising to protect sensitive data in terms of cloud computing (especially the private key stored via cloud computing).
Concerning security issues, using threshold cryptography to improve the security of private keys is one of the convincing approaches adopted by many people. Therefore, the importance of searching for the best k is correspondingly increasing.