Implementing Identity-based Signature Schemes for Secure Data Transfer in Cloud Computing Environments
Article Sidebar
Main Article Content
Abstract
In this paper, we present the implementation of the Cha-Cheon Identity-Based Signature (IBS) scheme to enhance secure data transfer in cloud computing environments. Cloud computing rely on traditional Public Key Infrastructure (PKI) systems, which is burdened by certificate management infrastructure. The primary focus of this research to simplify key and certificate management by leveraging identity-based elliptic curve cryptography (ECC) within the Cha-Cheon IBS framework. We show that the proposed IBS solution integrates seamlessly with Amazon Web Services (AWS), utilizing services like S3 for secure data storage and KMS for key management. By applying ECC, the Cha-Cheon scheme achieves efficient cryptographic operations with smaller key sizes, resulting in reduced computational overhead, faster key generation, signature creation, and verification times compared to RSA-based systems. We conducted extensive performance evaluations to compare the Cha-Cheon IBS scheme with traditional PKI-based systems. The results demonstrate that our implementation significantly outperforms RSA in terms of key generation, encryption, and signature verification times, especially under increased user loads and data sizes. Moreover, the security analysis confirms the robustness of the Cha-Cheon IBS against key compromise, offering strong resistance to unauthorized access and key revocation issues. The scheme also scales efficiently as the number of users increases, making it ideal for large-scale cloud infrastructures. This research highlights the potential of IBS as a viable alternative to PKI systems, providing a more streamlined and efficient approach to secure data transfers in cloud environments.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.
All articles published in JIWE are licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0) License. Readers are allowed to
- Share — copy and redistribute the material in any medium or format under the following conditions:
- Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use;
- NonCommercial — You may not use the material for commercial purposes;
- NoDerivatives — If you remix, transform, or build upon the material, you may not distribute the modified material.
References
L. Golightly, V. Chang, Q. A. Xu, X. Gao, and B. S. Liu, “Adoption of cloud computing as innovation in the organization,” Int. J. Eng. Bus. Manag., vol. 14, 2022, doi: 10.1177/18479790221093992.
J. U. Maheswari, “Data privacy and security in cloud computing environments,” E3S Web Conf., vol. 399, pp. 04040-04040, 2023, doi: 10.1051/e3sconf/202339904040.
V. Joshi and S. Verma, “Navigating the complexities of cryptography: Trends, problems, and solutions,” in Lecture Notes in Networks and Systems, 2023, pp. 89-96, doi: 10.1007/978-981-99-5652-4_10.
E. Kiltz and G. Neven, “Identity-Based Signatures,” in Identity-Based Cryptography, 2009. [Online]. Available: https://api.semanticscholar.org/CorpusID:9805586
S. Lehrig, H. Eikerling, and S. Becker, “Scalability, elasticity, and efficiency in cloud computing,” in Proceedings of the 11th International ACM SIGSOFT Conference on Quality of Software Architectures (QoSA ’15, 2015. doi: 10.1145/2737182.2737185.
I. L. Jabar and F. Ismail, “Challenges in the management of IBS construction projects,” Asian J. Qual. Life, vol. 3, no. 9, p. 37, 2018, doi: 10.21834/ajqol.v3i9.75.
N. Sagheer, “Factors affecting adaptability of cryptocurrency: An application of technology acceptance model,” Front. Psychol., vol. 13, 2022, doi: 10.3389/fpsyg.2022.903473.
I. Kanwal, H. Shafi, S. Memon, and M. H. Shah, “Cloud computing security challenges: A review,” in Cybersecurity, Privacy and Freedom Protection in the Connected World, 2021, pp. 459-469,. doi: 10.1007/978-3-030-68534-8_29.
M. Patel and P. Rajan, “Identity based encryption and identity based signature scheme on security schemes,” Int. J. Innov. Technol. Explor. Eng., vol. 8, no. 11, pp. 3487-3493, 2019, doi: 10.35940/ijitee.k2564.0981119.
M. F. F. B. M. Hanafi and J.-J. Chin, “A survey on identity-based signature scheme,” in Proceedings of the 2nd International Cryptology Conference, 2010.
J.-J. Chin, S.-Y. Tan, Y. H.-S. Kam, and C. H. Leong, “Implementation of identity-based and certificateless identification on android platform,” 2014. [Online]. Available: https://api.semanticscholar.org/CorpusID:57607038
W.-C. Wong, T.-S. Ng, and J.-J. Chin, “Implementation of a pairing-based identity-based signature on iPhones,” Proceedings of the 5th International Cryptology and Information Security Conference 2016, CRYPTOLOGY 2016. pp. 166–174, 2016. [Online]. Available: https://www.scopus.com/inward/record.uri?eid=2-s2.0-84984636063&partnerID=40&md5=a4b43fb47e813a01855a8da5dc6217a1
Y. Otoum and A. Nayak, “AS-IDS: Anomaly and signature based IDS for the Internet of Things,” J. Netw. Syst. Manag., vol. 29, no. 3, 2021, doi: 10.1007/s10922-021-09589-6.
R. Sharma, “Towards secured multi-cloud environment using blockchain technology,” in 2020 IEEE 11th Annual Computing and Communication Workshop and Conference (CCWC, 2020, pp. 845-850.
W. J. Brown, V. Anderson, and Q. Tan, “Multitenancy – Security risks and countermeasures,” in 2012 15th International Conference on Network-Based Information Systems, doi: 10.1109/nbis.2012.142.
K. Lewis, “Security certification and standards implementation,” in Computer and Information Security Handbook, 2017, pp. 557-563, doi: 10.1016/b978-0-12-803843-7.00038-7.
A. Shamir, “Identity-based Cryptosystems and Signature Schemes,” in Proceedings of CRYPTO 84 on Advances in Cryptology, New York, NY, USA: Springer-Verlag New York, Inc., 1985, pp. 47–53. [Online]. Available: http://dl.acm.org/citation.cfm?id=19478.19483
A. Shamir, “Identity-based cryptosystems and signature schemes,” in Advances in Cryptology—CRYPTO ’99, vol. 1666, Berlin Heidelberg: Springer, 2000, pp. 16-32.
J. Dong, Q. Huang, and T. Wen, “Fine-grained access control based identity-based encryption scheme with privacy protection,” Int. J. Inf. Secur., vol. 13, no. 3, pp. 199-211, 2014.
Y. Wang, “New provable secure IBE scheme based on cyclotomic fields,” in International Conference on Wireless Communications, Networking and Mobile Computing, 2010, pp. 1-5.
P. Ghuge, V. Khadke, N. Deshpande, and U. Patil, “Multilayer identity-based encryption approach for data confidentiality and integrity in cloud environment,” in Proceedings of the 2nd International Conference on Communication and Electronics Systems (ICCES, 2020, pp. 460-465.
D. Langrehr and J. Pan, “Multi-challenge hierarchical identity based broadcast encryption scheme with constant size decryption private keys from bilinear pairings,” Symmetry, vol. 12, no. 8, p. 1224, 2020.
Q. Sun, Y. Guo, K. Yang, and Y. Mu, “Revocable ID-based proxy signature scheme for mobile communications,” J. Ambient Intell. Humaniz. Comput., vol. 10, no. 4, pp. 749-759, 2019.
Z. Xuecheng and X. Lin, “Generic construction of revocable identity-based encryption with efficient key revocation,” in Advances in Mathematics, Modeling and Simulation (ICAMMS, vol. 11, Atlantis Press, 2019, pp. 207-214.
J. Zhang, Y. Liu, and H. Chen, “A comprehensive security analysis of IBS frameworks,” J. Inf. Secur. Appl., vol. 46, pp. 101-117, 2019, doi: 10.1016/j.jisa.2018.12.005.
T. B. Jensen, I. Paladi, and P. Stub-Hansen, “An empirical study of IT governance capabilities influencing digital transformation success,” Gov. Inf. Q., vol. 35, no. 4, pp. 635-644, 2018.
J. Smith and B. R. Patel, “Advanced cryptography algorithms for securing communication over internet of things,” in 2019 IEEE 8th Annual Computing and Communication Workshop and Conference (CCWC, 2019, pp. 682-686.
R. Roman, K. McQueen, O. Hohlfeld, and C. Kruegel, “On the challenges of providing effective isolation in virtualized environments,” Proc. IEEE, vol. 106, no. 5, pp. 834-854, 2018, doi: 10.1109/JPROC.2017.2778474.
L. Gillam, “An introduction to cloud computing concepts and architectural considerations,” University of California, Santa Cruz, CA, Technical Report UCSC-SSRC-19-01, 2019.
M. Aldossary, “A review of dynamic resource management in cloud computing environments,” Comput. Syst. Sci. Eng., vol. 36, no. 3, pp. 461-476, 2021, doi: 10.32604/csse.2021.014975.
N. Kshetri, “Use of cloud computing services among small and medium enterprises in developing countries,” Technol. Forecast. Soc. Change, vol. 125, pp. 184-194, 2017.
M. Cremer and A. Pallas, “Data sovereignty – The EU perspective,” in Proceedings of the International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom, IEEE, 2014, pp. 385-390.
"Regulation (EU European Parliament, “of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data, and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation,” Off. J. Eur. Union, vol. L119, no. 1, pp. 1-88, 679 2016.
“California Consumer Privacy Act (CCPA) | State of California - Department of Justice - Office of the Attorney General.” Accessed: Nov. 23, 2024. [Online]. Available: https://oag.ca.gov/privacy/ccpa
O. of the P. C. of Canada, “The Personal Information Protection and Electronic Documents Act (PIPEDA).” Accessed: Nov. 23, 2024. [Online]. Available: https://www.priv.gc.ca/en/privacy-topics/privacy-laws-in-canada/the-personal-information-protection-and-electronic-documents-act-pipeda
Q. Hu, X. Liang, J. Hu, Y. Zhang, and C.-M. Cheng, “Enforcing privacy policies in cloud environments: An approach based on policy-aware authorization,” Future Gener. Comput. Syst., vol. 51, pp. 257-271, 2015.
Y. Zhou, M. Wang, and L. Xu, “Evaluating the efficiency of IBS frameworks,” Future Gener. Comput. Syst., vol. 108, pp. 257-269, 2020, doi: 10.1016/j.future.2018.04.017.
Z. Chen, K. Sun, W. Liu, and H. Zhao, “A comparative study on IBS and PKI in cloud environments,” IEEE Trans. Cloud Comput., vol. 8, no. 2, pp. 199-212, 2021, doi: 10.1109/TCC.2018.2839019.
T. Mao and S. He, “An integrated approach to pragmatic competence: Its framework and properties,” SAGE Open, vol. 11, no. 2, p. 215824402110114, 2021, doi: 10.1177/21582440211011472.
Y. Li and X. Wang, “Iterative refinement of IBS frameworks,” Computers, vol. 9, no. 2, pp. 43-56, 2020, doi: 10.3390/computers9020043.
J. S. Teh and A. Abba, “Towards Analysable Chaos-based Cryptosystems: Constructing Difference Distribution Tables for Chaotic Maps,” J. Inform. Web Eng., vol. 3, no. 3, Oct. 2024.
J.-F. Lai and S.-H. Heng, “Secure File Storage on Cloud Using Hybrid Cryptography,” J. Inform. Web Eng., vol. 1, no. 2, pp. 1–18, Sep. 2022, doi: 10.33093/jiwe.2022.1.2.1.
P. Chaudhari, J.-J. Chin, and S. M. Mohamad, “An In-Depth Analysis on Efficiency and Vulnerabilities on a Cloud-Based Searchable Symmetric Encryption Solution,” J. Inform. Web Eng., vol. 3, no. 1, Art. no. 1, Feb. 2024, doi: 10.33093/jiwe.2024.3.1.19.