Clémentine Gritti

Efficient Dynamic Provable Data Possession with Public Verifiability and Data Privacy

We present a Dynamic Provable Data Possession (PDP) system with Public Verifiability and Data Privacy. Three entities are involved: a client who is the owner of the data to be stored, a server that stores the data and a Third Party Auditor (TPA) who may be required when the client wants to check the integrity of its data stored on the server. The system is publicly verifiable with the possible help of the TPA who acts on behalf of the client. The system exhibits data dynamicity at block level allowing data insertion, deletion and modification to be performed. Finally, the system is secure at the untrusted server and data private. We present a practical PDP system by adopting asymmetric pairings to gain efficiency and reduce the group exponentiation and pairing operations. In our scheme, no exponentiation and only three pairings are required during the proof of data possession check, which clearly outperforms all the existing schemes in the literature. Furthermore, our protocol supports proof of data possession on as many data blocks as possible at no extra cost.

Broadcast encryption with dealership

In this paper, we introduce a new cryptographic primitive called broadcast encryption with dealership. This notion, which has never been discussed in the cryptography literature, is applicable to many realistic broadcast services, for example subscription-based television service. Specifically, the new primitive enables a dealer to bulk buy the access to some products (e.g., TV channels) from the broadcaster, and hence, it will enable the dealer to resell the contents to the subscribers with a cheaper rate. Therefore, this creates business opportunity model for the dealer. We highlight the security consideration in such a scenario and capture the security requirements in the security model. Subsequently, we present a concrete scheme, which is proven secure under the decisional bilinear Diffie–Hellman exponent and the Diffie–Hellman exponent assumptions.

Dynamic provable data possession protocols with public verifiability and data privacy

Cloud storage services have become accessible and used by everyone. Nevertheless, stored data are dependable on the behavior of the cloud servers, and losses and damages often occur. One solution is to regularly audit the cloud servers in order to check the integrity of the stored data. The Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy presented in ACISP’15 is a straightforward design of such solution. However, this scheme is threatened by several attacks. In this paper, we carefully recall the definition of this scheme as well as explain how its security is dramatically menaced. Moreover, we proposed two new constructions for Dynamic Provable Data Possession scheme with Public Verifiability and Data Privacy based on the scheme presented in ACISP’15, one using Index Hash Tables and one based on Merkle Hash Trees. We show that the two schemes are secure and privacy-preserving in the random oracle model.

Privacy-preserving encryption scheme using DNA parentage test

Abstract Consider a scenario where a users credential is related to his/her DNA sequences. This credential can be used to construct a confidential message, which is decipherable by someone who is a relative of the encryptor, i.e. , the person who has enough close DNA sequences. We would like to have a system that provides privacy-preserving, in the sense that nobody will learn whether the encryptor is truly the ancestor of the recipient, except the fact whether the recipient can decrypt the given ciphertext or not. We present a system to realize this complex access control on encrypted data, such that the attributes used to describe a users credential will determine a policy as to which recipient will be able to decrypt the provided ciphertext. We formalize the security model of our system against chosen ciphertext attacks and collusion attacks. Furthermore, we show an efficient and provably secure construction.

Logarithmic size ring signatures without random oracles

Ring signatures enable a user to anonymously sign a message on behalf of group of users. In this study, the authors propose the first ring signature scheme whose size is O(log2 N), where N is the number of users in the ring. They achieve this result by improving Chandran et al.’s ring signature scheme presented at the International Colloquium on Automata, Languages and Programming 2007. Their scheme uses a common reference string and non-interactive zero-knowledge proofs. The security of their scheme is proven without requiring random oracles.

Lightweight secure bootstrap and message attestation in the internet of things

Internet of Things (IoT) offers new opportunities for business, technology and science but it also raises new challenges in terms of security and privacy, mainly because of the inherent characteristics of this environment: IoT devices come from a variety of manufacturers and operators and these devices suffer from constrained resources in terms of computation, communication and storage. In this paper, we address the problem of trust establishment for IoT and propose a security solution that consists of a secure bootstrap mechanism for device identification as well as a message attestation mechanism for aggregate response validation. To achieve both security requirements, we approach the problem in a confined environment, named SubNets of Things (SNoT), where various devices depend on it. In this context, devices are uniquely and securely identified thanks to their environment and their role within it. Additionally, the underlying message authentication technique features signature aggregation and hence, generates one compact response on behalf of all devices in the subnet.

Efficient file sharing in electronic health records

The issue of handling electronic health records have become paramount interest to the practitioners and security community, due to their sensitivity. In this paper, we propose a framework that enables medical practitioners to securely communicate among themselves to discuss health matters, and the patients can be rest assured that the information will only be made available to eligible medical practitioners. Specifically, we construct a new cryptographic primitive to enable File Sharing in Electronic Health Records (FSEHR). This primitive enables doctors to read the information sent by the hospital, or by any other individuals (such as patients’ health records), when the doctors have their ‘license’ validated by that given hospital. We construct such a cryptographic primitive and capture its security requirements in a set of security models. Subsequently, we present a concrete scheme, which is proven selectively chosen-ciphertext security (CCA-1) secure under the Decisional Bilinear Diffie-Hellman Exponent (DBDHE) assumption and fully collusion resistant.

CIL Security Proof for a Password-Based Key Exchange

Computational Indistinguishability Logic (CIL) is a logic for reasoning about cryptographic primitives in computational model. It is sound for standard model, but also supports reasoning in the random oracle and other idealized models. We illustrate the benefits of CIL by formally proving the security of a Password-Based Key Exchange (PBKE) scheme, which is designed to provide entities communicating over a public network and sharing a short password, under a session key.