SlideShare a Scribd company logo

AN EFFICIENT THRESHOLD CRYPTOGRAPHY SCHEME FOR CLOUD ERP DATA

I
ijcisjournal

This research presents an efficient threshold cryptography scheme designed to enhance the security of cloud ERP data by modifying the Asmuth-Bloom secret sharing scheme. It addresses challenges like data redundancy and execution time during encryption and decryption, providing better resource efficiency compared to existing methods. The proposed scheme significantly reduces the size of encrypted data while ensuring confidentiality and resource effectiveness in cloud environments.

Engineering
Related topics:
cloud-erp
1 of 9
Download to read offline
1
2
3
4
5
6
7
8
9
International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 DOI:10.5121/ijcis.2020.10101 1 AN EFFICIENT THRESHOLD CRYPTOGRAPHY SCHEME FOR CLOUD ERP DATA Arnold Mashud Abukari1 , Edem Kwedzo Bankas2 and Mohammed Iddrisu Muniru3 1 Computer Science Department, Tamale Technical University, Tamale, Ghana 2 Computer Science Department, University for Development Studies, Navrongo, Ghana 3 Mathematics Department, University for Development Studies, Navrongo, Ghana ABSTRACT Cloud ERP is a new concept that has caught the attention of researchers and industry players. One of the major challenges towards migrating ERP data to cloud is security and confidentiality. A number of secret sharing schemes (SSS) have been proposed Mignote, Asmuth-Bloom, Shamir and Blakley but not without challenges. In this research we proposed an efficient threshold cryptography scheme to secure cloud ERP data. We modified the Asmuth-Bloom SSS and applied it to cloud ERP data. KEYWORDS Threshold Cryptography, Secret Sharing Scheme (SSS), CRT, Cloud ERP. 1. INTRODUCTION Threshold Cryptography is a concept for sharing very sensitive data among a group of users. In our case, the group of users will be referred to as a group of n Cloud Enterprise Resource Planning (ERP) providers. Researchers over the years have succeeded in proposing Secret Sharing Schemes (SSS) including Asmuth-Bloom SSS [1] which is based on the Chinese Remainder Theorem (CRT). In [1] special sequence of integers and sequence of pairwise integers were used to share a randomly chosen secrets to different users. The proposed scheme in [1] failed to handle data redundancy and not applicable to cloud. Shamir [2] also developed a SSS based on polynomial interpolation. In 1983, Mignotte [3] proposed a weighted SSS based on the CRT. The scheme in [3] allowed the distribution of load among server (clouds) based on existing resources and the choice of a set of pairwise coprimes. In threshold cryptography, the most important requirement is the availability of a computable function without compelling parties to disclose their secret shares. This concept is known as function sharing problem and requires each part of the computation is carried out by different users without disclosing their secrets to each other. Several proposed schemes can be found in literature [[4],[5],[6],[7]] but most of them are built from Shamir [2] published in 1979. The concept of cloud computing has spread very fast and caught the attention of researchers and organisations due to the security implications on big data [8]. One of the new emerging solutions for cloud providers is Cloud ERP [9]. Cloud ERP, just like the on-premise ERP generates and store highly sensitive data and thus requires maximum data protection from hackers and cloud providers. ERP data stored in cloud uses computational resources provided by the cloud provider and this raises questions on confidentiality, reliability and safety of the Cloud ERP data. In this research, we propose Threshold Cryptography (TC) scheme to help reduce redundancy and enhance the security of Cloud ERP data. To ensure confidentiality and integrity of cloud ERP data, our TC Scheme is applicable.
International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 2 2. THRESHOLD CRYPTOGRAPHY A cryptosystem is referred to as a threshold cryptosystem, if it requires several parties usually more than some threshold number in order to decrypt an encrypted message or data[6]. The security operations such as encryption, decryption, signature generation and verification can be performed by a group of processes without reconstructing the shared secrets. Considering a general problem of t-out-of-n secret sharing in threshold cryptography, and we have n-parties to share x = (x1; : : : ; xn), two main important properties needs to be guaranteed. These properties are: Recoverability: Given any t-shares, we can recover x Secrecy: Given any ¡t, x can never be recovered 3. SECRET SHARING SCHEME Secret Sharing Scheme is applied to build a storage system using n-number of clouds independently and separately so that any of the clouds can recover their respective data without knowing the secret shares of the others. The shared data can only make meaning when a certain number of the cloud providers conspire. In this research, we examined the Asmuth-Bloom scheme [1], Shamir [2] and Mignotte’s scheme [3] to see how it can be applied to Cloud ERP Data. We propose Threshold Cryptography (TC) scheme to help reduce redundancy and enhance the security of Cloud ERP data. 3.1. Shamir Secret Sharing Scheme The first scheme for sharing a secret was proposed by Shamir (Shamir, 1979) based on polynomial interpolation. To obtain a (t, n) secret sharing, a random polynomial is generated over where p is a prime number and a0 = d is the secret. The share of the ith party is . If t or more parties come together, they can construct the polynomial by Lagrange interpolation and obtain the secret, but any smaller coalitions cannot. 3.2. Blakley Secret Sharing Scheme Blakley gave a general construction of a threshold scheme using projective geometry. Construction. • i. In PG (t, q), randomly select a hyperplane X to be the secret. • ii. Choose n points in the hyperplane that are in general position in X. Hence, any t points form a basis for X. • iii. To reconstruct the secret, we simple take the span U of the participating points and see if U = X
International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 3 3.3. Asmuth-Bloom Scheme The Asmuth-Bloom scheme uses special sequence of integers and pairwise relatively prime integers p0[1]. In this scheme,p1< p2 < : : : <pn are selected such that: Where k is the number of distinct shares. A secret S is chosen as a random element of the set Zp0 Let the shares Ii be chosen as Ii=(S+.p0) mod pi, 8 1 _ i _ n where is an arbitrary integer or a positive integer generated randomly such that S+.p0 2 Zpi;: : : pk . The Asmuth-Bloom scheme assumes four conditions as follows: The Asmuth-Bloom scheme requires n-times the computational resources for data storage for data like Cloud ERP data[1]. Given k distinct shares Ii1, Ii2,. . . ,Iik, the secret S can be obtained since S=x0 modp0, where x0 can be calculated using standard variant of the Chinese Remainder Theorem with a unique modulo pi1; : : : ; pik of the system. To make the scheme become asymptotically ideal SSS and also to secure the confidentiality of cloud ERP data incase there is cloud conspiracy, we introduce constraints and compactness to the Asmuth-Bloom Scheme such that p0 < p1 < p2; ::; pn< 2p0. 4. PROBLEM STATEMENT The concept of Threshold Cryptography in the application to cloud computing has not received adequate research after Shamir, Blakley, Asmuth-Bloom and Mignotte made strides in applying it to secret sharing. The desire of organisations for centralised, accurate and timely information that will help in analysing data in order to make strong strategic decisions and gain a favourable competitive advantage has given birth to Cloud Enterprise Resource Planning (ERP). The size of encrypted ERP Data in cloud, the execution time and memory usage during encryption and decryption deserves much attention and improvement and has been the focus of our research.
International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 4 5. PROPOSED SCHEME In this research we propose a new Scheme based on CRT to help reduce the execution time for encryption and decryption as well as memory usage. Our scheme also reduces the size of encrypted data. We propose a Scheme to provide security for cloud ERP data and also to significantly reduce the redundancy of Cloud ERP Data. Considering our modification on the four conditions that needs to be satisfied to fulfill the Asmuth-Bloom secret sharing scheme as stated in (Asmuth and Bloom, 1983), we propose a new Scheme to provide security for cloud ERP data and also to significantly reduce the redundancy of Cloud ERP Data when the Mignotte scheme (Mignotte, 1983) is applied. The proposed scheme also applied the Asmuth-Bloom scheme to prove its threshold cryptographic properties. We considered the following notations in building the our Scheme: D – Cloud ERP Data, p1; p2; p3; : : : ; pn being pairwise coprime numbers, p0 is an arbitrary integer also called the PROPOSED Key that corresponds with the above coprime We considered the following notations in building the Scheme: • D – Cloud ERP Data • p1,p2,p3,…,pn being pairwise coprime numbers, p0 is an arbitrary integer also called the PROPOSED Key that corresponds with the above coprime numbers. • We propose that the Cloud ERP data be stored among n number of cloud service providers. We propose that Where is the PROPOSED key, t is the threshold for the cloud providers in order to recover the secret or ERP data. To calculate the ERP data shares for each cloud service provider we use: , C is the cloud service providers shares, D is the data or secret, is the PROPOSED key and is an arbitrary integer randomly generated. 5.1. Conditions For Our Scheme The conditions that needs to be satisfied by our scheme are: • • • p0<p1<p2<…<pn<2p0 (Constraint compactness) • The condition four(4) is necessary to confirm the threshold property of our scheme needed for secret sharing schemes.
International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 5 5.2. Proposed Algorithms
International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 6 5.3. Cloud Erp Data Redundancy With Our Scheme Considering po being the PROPOSED key, pi being the ERP data shares based on coprime randomly selected numbers and D is the ERP data then the redundancy of Cloud ERP data based on our proposed scheme is defined as follows per (Mignotte, 1983): Where n is the number of cloud service providers. 6. RESULTS AND DISCUSSION We used a pdf file of size 14,752,894bytes (14mb) and the number of cloud service providers n to be 5 whiles the k-value is 3. These common parameters were used for all three Secret Sharing Schemes namely Shamir SSS, Blakley SSS and our Scheme. Figure 1: Parameters for testing 6.1. Encryption Execution Time Analysis Despite no differences in memory usage compared with Blakley and Shamir , our scheme uses lesser time during the encryption process and thus per the simulation results is faster during encryption compared to the Shamir, Blakley and Asmuth-Bloom Schemes. Faster execution time means less computational resources are used during the encryption process. This lesser time for encryption will compensate for the high memory usage since the memory will be released within the shortest time frame compared to others.
International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 7 Figure 2: Execution Time Analysis 6.2. Encryption Memory Usage Analysis Our scheme performed equally in the memory used in the encryption process as Blakley and Shamir but performed better than Asmuth-Bloom scheme. The simulation results averagely suggests our Scheme is performing well in memory space just as the other schemes. Figure 3: Encryption Memory Usage Analysis 6.3. Size On Disk After Encryption Analysis Encrypted Data size after the encryption process was also investigated by comparing all the three schemes. The simulation results averagely suggests that our scheme performs better in terms of the size of encrypted data. Comparing the sizes of the encrypted data from the schemes reveals the size of the our encrypted data is relatively smaller compared to others. This suggests that our scheme improves the efficient use of space on the servers.
International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 8 Figure 4: Size on Disk Analysis 6.4. Decryption Execution Time In the decryption process, Our scheme performs better in memory usage and time of execution. This suggests that our scheme saves time and computational resources during the decryption processes. Figure 5: Decryption Execution Time Analysis
International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 9 7. CONCLUSION In this research work, we propose a new secret sharing scheme which is based on the Chinese Remainder Theorem (CRT). The main objective behind our scheme is to help avoid cloud collusion using threshold cryptography and to reduce the execution time and memory usage as well reduce the size of encrypted data in cloud. The PROPOSED scheme is an improvement to the Shamir, Blakley and Mignotte schemes since it reduces the exection time and computational resources. The test runs results show an improved execution time and less computational resources when our scheme is applied REFERENCES [1] C. Asmuth and J. Bloom, “A modular approach to key safeguarding,” IEEE Transactions on Information Theory, vol. 29, no. 2, pp. 208–210, March 1983. [2] A. Shamir, “How to share a secret,” Commun. ACM, vol. 22, no. 11, pp. 612–613, Nov. 1979. [Online]. Available: http://doi.acm.org/10.1145/359168.359176 [3] M. Mignotte, “How to share a secret,” in Cryptography, T. Beth, Ed. Berlin, Heidelberg: Springer Berlin Heidelberg, 1983, pp. 371–375. [4] A. De Santis, Y. Desmedt, Y. Frankel, and M. Yung, “How to share a function securely,” in Proceedings of the Twenty-sixth Annual ACM Symposium on Theory of Computing, ser. STOC ’94. New York, NY, USA: ACM, 1994, pp. 522–533. [Online]. Available: http://doi.acm.org/10.1145/195058.195405 [5] H.-F. Huang and C.-C.Chang, “A novel efficient (t, n) threshold proxy signature scheme,” Information sciences, vol. 176, no. 10, pp. 1338–1349, 2006. [6] Y. Desmedt, “Some recent research aspects of threshold cryptography,” in International Workshop on Information Security. Springer, 1997, pp. 158–173. [7] V. Shoup, “Practical threshold signatures,” in International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2000, pp. 207–220. [8] C. P. Chen and C.-Y. Zhang, “Data-intensive applications, challenges, techniques and technologies: A survey on big data,” Information Sciences, vol. 275, pp. 314–347, 2014. [9] C. Songsheng and Y. Peipei, “Economic benefits of enterprise resources planning (erp)-based on empirical evidence from chinese listed companies,” in Logistics Systems and Intelligent Management, 2010 International Conference on, vol. 3. IEEE, 2010, pp. 1305–1308.

More Related Content

PDF
Cryptographic Cloud Storage with Hadoop Implementation
IOSR Journals
 
PDF
Using TensorFlow for Machine Learning
Justin Brandenburg
 
PPTX
ESWC 2013: A Systematic Investigation of Explicit and Implicit Schema Informa...
Thomas Gottron
 
PDF
Accumulo and the Convergence of Machine Learning, Big Data, and Supercomputing
Accumulo Summit
 
PDF
Harvard poster
Alysson Almeida
 
PPTX
Polyvalent recommendations
Ted Dunning
 
DOCX
NEW ALGORITHMS FOR SECURE OUTSOURCING OF LARGE-SCALE SYSTEMS OF LINEAR EQUAT...
Nexgen Technology
 
PPTX
Distributed approximate spectral clustering for large scale datasets
Bita Kazemi
 
Cryptographic Cloud Storage with Hadoop Implementation
IOSR Journals
 
Using TensorFlow for Machine Learning
Justin Brandenburg
 
ESWC 2013: A Systematic Investigation of Explicit and Implicit Schema Informa...
Thomas Gottron
 
Accumulo and the Convergence of Machine Learning, Big Data, and Supercomputing
Accumulo Summit
 
Harvard poster
Alysson Almeida
 
Polyvalent recommendations
Ted Dunning
 
NEW ALGORITHMS FOR SECURE OUTSOURCING OF LARGE-SCALE SYSTEMS OF LINEAR EQUAT...
Nexgen Technology
 
Distributed approximate spectral clustering for large scale datasets
Bita Kazemi
 

What's hot (19)

PDF
Clustbigfim frequent itemset mining of
ijfcstjournal
 
PPTX
Isse 2014 homomorphic encryption and porticor post event
ICT Economic Impact
 
PPTX
Strata new-york-2012
Ted Dunning
 
PPTX
Graphlab Ted Dunning Clustering
MapR Technologies
 
PDF
F044062933
IJERA Editor
 
PPTX
A Comprehensive Study of Clustering Algorithms for Big Data Mining with MapRe...
KamleshKumar394
 
PPTX
Boston hug-2012-07
Ted Dunning
 
PDF
Access strategies ppt_ind
ItamarCohen16
 
PPTX
Streaming Algorithms
Joe Kelley
 
PDF
Big Data & Hadoop. Simone Leo (CRS4)
CRS4 Research Center in Sardinia
 
PDF
Eg4301808811
IJERA Editor
 
PDF
Predicting Flight Delays with Spark Machine Learning
Carol McDonald
 
PPT
Taste Java In The Clouds
Jacky Chu
 
PDF
Implementation of p pic algorithm in map reduce to handle big data
eSAT Publishing House
 
PPTX
Which Algorithms Really Matter
Ted Dunning
 
PDF
Parikshit Ram – Senior Machine Learning Scientist, Skytree at MLconf ATL
MLconf
 
PPTX
Doing-the-impossible
Ted Dunning
 
PDF
Storm users group real time hadoop
Ted Dunning
 
PPTX
What is the past future tense of data?
Ted Dunning
 
Clustbigfim frequent itemset mining of
ijfcstjournal
 
Isse 2014 homomorphic encryption and porticor post event
ICT Economic Impact
 
Strata new-york-2012
Ted Dunning
 
Graphlab Ted Dunning Clustering
MapR Technologies
 
F044062933
IJERA Editor
 
A Comprehensive Study of Clustering Algorithms for Big Data Mining with MapRe...
KamleshKumar394
 
Boston hug-2012-07
Ted Dunning
 
Access strategies ppt_ind
ItamarCohen16
 
Streaming Algorithms
Joe Kelley
 
Big Data & Hadoop. Simone Leo (CRS4)
CRS4 Research Center in Sardinia
 
Eg4301808811
IJERA Editor
 
Predicting Flight Delays with Spark Machine Learning
Carol McDonald
 
Taste Java In The Clouds
Jacky Chu
 
Implementation of p pic algorithm in map reduce to handle big data
eSAT Publishing House
 
Which Algorithms Really Matter
Ted Dunning
 
Parikshit Ram – Senior Machine Learning Scientist, Skytree at MLconf ATL
MLconf
 
Doing-the-impossible
Ted Dunning
 
Storm users group real time hadoop
Ted Dunning
 
What is the past future tense of data?
Ted Dunning
 
Ad

Similar to AN EFFICIENT THRESHOLD CRYPTOGRAPHY SCHEME FOR CLOUD ERP DATA (20)

PDF
SPACE-EFFICIENT VERIFIABLE SECRET SHARING USING POLYNOMIAL INTERPOLATION
Shakas Technologies
 
DOCX
SPACE-EFFICIENT VERIFIABLE SECRET SHARING USING POLYNOMIAL INTERPOLATION
Nexgen Technology
 
DOCX
Space-efficient Verifiable Secret Sharing Using Polynomial Interpolation
nexgentechnology
 
DOCX
Space-efficient Verifiable Secret Sharing Using Polynomial Interpolation
nexgentechnology
 
DOCX
Space efficient verifiable secret sharing
nexgentech15
 
DOC
Space efficient verifiable secret sharing using polynomial interpolation
CloudTechnologies
 
PDF
21642583%2E2014%2E985803
Chandramowliswaran NARAYANASWAMY
 
PDF
IRJET- Security Enhancement for Sharing Data within Group Members in Cloud
IRJET Journal
 
PDF
REU Group 2 - Paper
Scott Payne
 
PDF
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...
IRJET Journal
 
PDF
15
NARAYANASWAMY CHANDRAMOWLISWARAN
 
PDF
15
Chandramowliswaran NARAYANASWAMY
 
PDF
Integrity verification for an optimized cloud architecture
TELKOMNIKA JOURNAL
 
PDF
An Efficient Scheme for Data Sharing Among Dynamic Cloud Members
IRJET Journal
 
PDF
IRJET- An Efficient Data Sharing Scheme in Mobile Cloud Computing using Attri...
IRJET Journal
 
PDF
IRJET-2 Proxy-Oriented Data Uploading in Multi Cloud Storage
IRJET Journal
 
PDF
Secure Anti-Collusion Data Sharing Scheme for Dynamic Groups in Cloud
IRJET Journal
 
PDF
NCM RB PAPER
NARAYANASWAMY CHANDRAMOWLISWARAN
 
PDF
A Novel Approach for Data Security in Cloud Environment
SHREYASSRINATH94
 
PDF
J018145862
IOSR Journals
 
SPACE-EFFICIENT VERIFIABLE SECRET SHARING USING POLYNOMIAL INTERPOLATION
Shakas Technologies
 
SPACE-EFFICIENT VERIFIABLE SECRET SHARING USING POLYNOMIAL INTERPOLATION
Nexgen Technology
 
Space-efficient Verifiable Secret Sharing Using Polynomial Interpolation
nexgentechnology
 
Space-efficient Verifiable Secret Sharing Using Polynomial Interpolation
nexgentechnology
 
Space efficient verifiable secret sharing
nexgentech15
 
Space efficient verifiable secret sharing using polynomial interpolation
CloudTechnologies
 
21642583%2E2014%2E985803
Chandramowliswaran NARAYANASWAMY
 
IRJET- Security Enhancement for Sharing Data within Group Members in Cloud
IRJET Journal
 
REU Group 2 - Paper
Scott Payne
 
IRJET- Schemes for Securing Cloud Data when the Cryptographic Material is Exp...
IRJET Journal
 
15
NARAYANASWAMY CHANDRAMOWLISWARAN
 
15
Chandramowliswaran NARAYANASWAMY
 
Integrity verification for an optimized cloud architecture
TELKOMNIKA JOURNAL
 
An Efficient Scheme for Data Sharing Among Dynamic Cloud Members
IRJET Journal
 
IRJET- An Efficient Data Sharing Scheme in Mobile Cloud Computing using Attri...
IRJET Journal
 
IRJET-2 Proxy-Oriented Data Uploading in Multi Cloud Storage
IRJET Journal
 
Secure Anti-Collusion Data Sharing Scheme for Dynamic Groups in Cloud
IRJET Journal
 
NCM RB PAPER
NARAYANASWAMY CHANDRAMOWLISWARAN
 
A Novel Approach for Data Security in Cloud Environment
SHREYASSRINATH94
 
J018145862
IOSR Journals
 
Ad

Recently uploaded (20)

PDF
PRIZ Academy - 9 Windows Thinking Where to Invest Today to Win Tomorrow.pdf
PRIZ Guru
 
PDF
PPT on Performance Review to get promotions
prashant593122
 
PDF
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
smceramu
 
PPTX
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
PPTX
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
PPTX
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
PPTX
additive manufacturing of ss316l using mig welding
premcdr7799
 
PDF
Digital Logic Computer Design lecture notes
CHINNASUNKAIAH1
 
PPTX
Foundation to blockchain - A guide to Blockchain Tech
Davies Chacko
 
PPTX
Geodesy 1.pptx...............................................
abhi1361yadav
 
PDF
Evaluating the Democratization of the Turkish Armed Forces from a Normative P...
jpsjournal1
 
PPTX
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
PPTX
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
VinayB68
 
PPTX
Sustainable Sites - Green Building Construction
mhdumerali
 
PPTX
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
PPTX
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
PDF
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
PPTX
web development for engineering and engineering
keshriji700
 
DOCX
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
PPTX
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 
PRIZ Academy - 9 Windows Thinking Where to Invest Today to Win Tomorrow.pdf
PRIZ Guru
 
PPT on Performance Review to get promotions
prashant593122
 
SM_6th-Sem__Cse_Internet-of-Things.pdf IOT
smceramu
 
Internet of Things (IOT) - A guide to understanding
Davies Chacko
 
M Tech Sem 1 Civil Engineering Environmental Sciences.pptx
ShriNRPrasad
 
CH1 Production IntroductoryConcepts.pptx
RacemMellouli1
 
additive manufacturing of ss316l using mig welding
premcdr7799
 
Digital Logic Computer Design lecture notes
CHINNASUNKAIAH1
 
Foundation to blockchain - A guide to Blockchain Tech
Davies Chacko
 
Geodesy 1.pptx...............................................
abhi1361yadav
 
Evaluating the Democratization of the Turkish Armed Forces from a Normative P...
jpsjournal1
 
bas. eng. economics group 4 presentation 1.pptx
kiribakimoses1993
 
KTU 2019 -S7-MCN 401 MODULE 2-VINAY.pptx
VinayB68
 
Sustainable Sites - Green Building Construction
mhdumerali
 
OOP with Java - Java Introduction (Basics)
Rashmi T V
 
CARTOGRAPHY AND GEOINFORMATION VISUALIZATION chapter1 NPTE (2).pptx
abhi1361yadav
 
Operating System & Kernel Study Guide-1 - converted.pdf
mranoninvisib16
 
web development for engineering and engineering
keshriji700
 
ASol_English-Language-Literature-Set-1-27-02-2023-converted.docx
AYUSHMANAV
 
MET 305 2019 SCHEME MODULE 2 COMPLETE.pptx
VinayB68
 

AN EFFICIENT THRESHOLD CRYPTOGRAPHY SCHEME FOR CLOUD ERP DATA

  • 1. International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 DOI:10.5121/ijcis.2020.10101 1 AN EFFICIENT THRESHOLD CRYPTOGRAPHY SCHEME FOR CLOUD ERP DATA Arnold Mashud Abukari1 , Edem Kwedzo Bankas2 and Mohammed Iddrisu Muniru3 1 Computer Science Department, Tamale Technical University, Tamale, Ghana 2 Computer Science Department, University for Development Studies, Navrongo, Ghana 3 Mathematics Department, University for Development Studies, Navrongo, Ghana ABSTRACT Cloud ERP is a new concept that has caught the attention of researchers and industry players. One of the major challenges towards migrating ERP data to cloud is security and confidentiality. A number of secret sharing schemes (SSS) have been proposed Mignote, Asmuth-Bloom, Shamir and Blakley but not without challenges. In this research we proposed an efficient threshold cryptography scheme to secure cloud ERP data. We modified the Asmuth-Bloom SSS and applied it to cloud ERP data. KEYWORDS Threshold Cryptography, Secret Sharing Scheme (SSS), CRT, Cloud ERP. 1. INTRODUCTION Threshold Cryptography is a concept for sharing very sensitive data among a group of users. In our case, the group of users will be referred to as a group of n Cloud Enterprise Resource Planning (ERP) providers. Researchers over the years have succeeded in proposing Secret Sharing Schemes (SSS) including Asmuth-Bloom SSS [1] which is based on the Chinese Remainder Theorem (CRT). In [1] special sequence of integers and sequence of pairwise integers were used to share a randomly chosen secrets to different users. The proposed scheme in [1] failed to handle data redundancy and not applicable to cloud. Shamir [2] also developed a SSS based on polynomial interpolation. In 1983, Mignotte [3] proposed a weighted SSS based on the CRT. The scheme in [3] allowed the distribution of load among server (clouds) based on existing resources and the choice of a set of pairwise coprimes. In threshold cryptography, the most important requirement is the availability of a computable function without compelling parties to disclose their secret shares. This concept is known as function sharing problem and requires each part of the computation is carried out by different users without disclosing their secrets to each other. Several proposed schemes can be found in literature [[4],[5],[6],[7]] but most of them are built from Shamir [2] published in 1979. The concept of cloud computing has spread very fast and caught the attention of researchers and organisations due to the security implications on big data [8]. One of the new emerging solutions for cloud providers is Cloud ERP [9]. Cloud ERP, just like the on-premise ERP generates and store highly sensitive data and thus requires maximum data protection from hackers and cloud providers. ERP data stored in cloud uses computational resources provided by the cloud provider and this raises questions on confidentiality, reliability and safety of the Cloud ERP data. In this research, we propose Threshold Cryptography (TC) scheme to help reduce redundancy and enhance the security of Cloud ERP data. To ensure confidentiality and integrity of cloud ERP data, our TC Scheme is applicable.
  • 2. International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 2 2. THRESHOLD CRYPTOGRAPHY A cryptosystem is referred to as a threshold cryptosystem, if it requires several parties usually more than some threshold number in order to decrypt an encrypted message or data[6]. The security operations such as encryption, decryption, signature generation and verification can be performed by a group of processes without reconstructing the shared secrets. Considering a general problem of t-out-of-n secret sharing in threshold cryptography, and we have n-parties to share x = (x1; : : : ; xn), two main important properties needs to be guaranteed. These properties are: Recoverability: Given any t-shares, we can recover x Secrecy: Given any ¡t, x can never be recovered 3. SECRET SHARING SCHEME Secret Sharing Scheme is applied to build a storage system using n-number of clouds independently and separately so that any of the clouds can recover their respective data without knowing the secret shares of the others. The shared data can only make meaning when a certain number of the cloud providers conspire. In this research, we examined the Asmuth-Bloom scheme [1], Shamir [2] and Mignotte’s scheme [3] to see how it can be applied to Cloud ERP Data. We propose Threshold Cryptography (TC) scheme to help reduce redundancy and enhance the security of Cloud ERP data. 3.1. Shamir Secret Sharing Scheme The first scheme for sharing a secret was proposed by Shamir (Shamir, 1979) based on polynomial interpolation. To obtain a (t, n) secret sharing, a random polynomial is generated over where p is a prime number and a0 = d is the secret. The share of the ith party is . If t or more parties come together, they can construct the polynomial by Lagrange interpolation and obtain the secret, but any smaller coalitions cannot. 3.2. Blakley Secret Sharing Scheme Blakley gave a general construction of a threshold scheme using projective geometry. Construction. • i. In PG (t, q), randomly select a hyperplane X to be the secret. • ii. Choose n points in the hyperplane that are in general position in X. Hence, any t points form a basis for X. • iii. To reconstruct the secret, we simple take the span U of the participating points and see if U = X
  • 3. International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 3 3.3. Asmuth-Bloom Scheme The Asmuth-Bloom scheme uses special sequence of integers and pairwise relatively prime integers p0[1]. In this scheme,p1< p2 < : : : <pn are selected such that: Where k is the number of distinct shares. A secret S is chosen as a random element of the set Zp0 Let the shares Ii be chosen as Ii=(S+.p0) mod pi, 8 1 _ i _ n where is an arbitrary integer or a positive integer generated randomly such that S+.p0 2 Zpi;: : : pk . The Asmuth-Bloom scheme assumes four conditions as follows: The Asmuth-Bloom scheme requires n-times the computational resources for data storage for data like Cloud ERP data[1]. Given k distinct shares Ii1, Ii2,. . . ,Iik, the secret S can be obtained since S=x0 modp0, where x0 can be calculated using standard variant of the Chinese Remainder Theorem with a unique modulo pi1; : : : ; pik of the system. To make the scheme become asymptotically ideal SSS and also to secure the confidentiality of cloud ERP data incase there is cloud conspiracy, we introduce constraints and compactness to the Asmuth-Bloom Scheme such that p0 < p1 < p2; ::; pn< 2p0. 4. PROBLEM STATEMENT The concept of Threshold Cryptography in the application to cloud computing has not received adequate research after Shamir, Blakley, Asmuth-Bloom and Mignotte made strides in applying it to secret sharing. The desire of organisations for centralised, accurate and timely information that will help in analysing data in order to make strong strategic decisions and gain a favourable competitive advantage has given birth to Cloud Enterprise Resource Planning (ERP). The size of encrypted ERP Data in cloud, the execution time and memory usage during encryption and decryption deserves much attention and improvement and has been the focus of our research.
  • 4. International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 4 5. PROPOSED SCHEME In this research we propose a new Scheme based on CRT to help reduce the execution time for encryption and decryption as well as memory usage. Our scheme also reduces the size of encrypted data. We propose a Scheme to provide security for cloud ERP data and also to significantly reduce the redundancy of Cloud ERP Data. Considering our modification on the four conditions that needs to be satisfied to fulfill the Asmuth-Bloom secret sharing scheme as stated in (Asmuth and Bloom, 1983), we propose a new Scheme to provide security for cloud ERP data and also to significantly reduce the redundancy of Cloud ERP Data when the Mignotte scheme (Mignotte, 1983) is applied. The proposed scheme also applied the Asmuth-Bloom scheme to prove its threshold cryptographic properties. We considered the following notations in building the our Scheme: D – Cloud ERP Data, p1; p2; p3; : : : ; pn being pairwise coprime numbers, p0 is an arbitrary integer also called the PROPOSED Key that corresponds with the above coprime We considered the following notations in building the Scheme: • D – Cloud ERP Data • p1,p2,p3,…,pn being pairwise coprime numbers, p0 is an arbitrary integer also called the PROPOSED Key that corresponds with the above coprime numbers. • We propose that the Cloud ERP data be stored among n number of cloud service providers. We propose that Where is the PROPOSED key, t is the threshold for the cloud providers in order to recover the secret or ERP data. To calculate the ERP data shares for each cloud service provider we use: , C is the cloud service providers shares, D is the data or secret, is the PROPOSED key and is an arbitrary integer randomly generated. 5.1. Conditions For Our Scheme The conditions that needs to be satisfied by our scheme are: • • • p0<p1<p2<…<pn<2p0 (Constraint compactness) • The condition four(4) is necessary to confirm the threshold property of our scheme needed for secret sharing schemes.
  • 5. International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 5 5.2. Proposed Algorithms
  • 6. International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 6 5.3. Cloud Erp Data Redundancy With Our Scheme Considering po being the PROPOSED key, pi being the ERP data shares based on coprime randomly selected numbers and D is the ERP data then the redundancy of Cloud ERP data based on our proposed scheme is defined as follows per (Mignotte, 1983): Where n is the number of cloud service providers. 6. RESULTS AND DISCUSSION We used a pdf file of size 14,752,894bytes (14mb) and the number of cloud service providers n to be 5 whiles the k-value is 3. These common parameters were used for all three Secret Sharing Schemes namely Shamir SSS, Blakley SSS and our Scheme. Figure 1: Parameters for testing 6.1. Encryption Execution Time Analysis Despite no differences in memory usage compared with Blakley and Shamir , our scheme uses lesser time during the encryption process and thus per the simulation results is faster during encryption compared to the Shamir, Blakley and Asmuth-Bloom Schemes. Faster execution time means less computational resources are used during the encryption process. This lesser time for encryption will compensate for the high memory usage since the memory will be released within the shortest time frame compared to others.
  • 7. International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 7 Figure 2: Execution Time Analysis 6.2. Encryption Memory Usage Analysis Our scheme performed equally in the memory used in the encryption process as Blakley and Shamir but performed better than Asmuth-Bloom scheme. The simulation results averagely suggests our Scheme is performing well in memory space just as the other schemes. Figure 3: Encryption Memory Usage Analysis 6.3. Size On Disk After Encryption Analysis Encrypted Data size after the encryption process was also investigated by comparing all the three schemes. The simulation results averagely suggests that our scheme performs better in terms of the size of encrypted data. Comparing the sizes of the encrypted data from the schemes reveals the size of the our encrypted data is relatively smaller compared to others. This suggests that our scheme improves the efficient use of space on the servers.
  • 8. International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 8 Figure 4: Size on Disk Analysis 6.4. Decryption Execution Time In the decryption process, Our scheme performs better in memory usage and time of execution. This suggests that our scheme saves time and computational resources during the decryption processes. Figure 5: Decryption Execution Time Analysis
  • 9. International Journal on Cryptography and Information Security (IJCIS), Vol. 10, No.1, March 2020 9 7. CONCLUSION In this research work, we propose a new secret sharing scheme which is based on the Chinese Remainder Theorem (CRT). The main objective behind our scheme is to help avoid cloud collusion using threshold cryptography and to reduce the execution time and memory usage as well reduce the size of encrypted data in cloud. The PROPOSED scheme is an improvement to the Shamir, Blakley and Mignotte schemes since it reduces the exection time and computational resources. The test runs results show an improved execution time and less computational resources when our scheme is applied REFERENCES [1] C. Asmuth and J. Bloom, “A modular approach to key safeguarding,” IEEE Transactions on Information Theory, vol. 29, no. 2, pp. 208–210, March 1983. [2] A. Shamir, “How to share a secret,” Commun. ACM, vol. 22, no. 11, pp. 612–613, Nov. 1979. [Online]. Available: http://doi.acm.org/10.1145/359168.359176 [3] M. Mignotte, “How to share a secret,” in Cryptography, T. Beth, Ed. Berlin, Heidelberg: Springer Berlin Heidelberg, 1983, pp. 371–375. [4] A. De Santis, Y. Desmedt, Y. Frankel, and M. Yung, “How to share a function securely,” in Proceedings of the Twenty-sixth Annual ACM Symposium on Theory of Computing, ser. STOC ’94. New York, NY, USA: ACM, 1994, pp. 522–533. [Online]. Available: http://doi.acm.org/10.1145/195058.195405 [5] H.-F. Huang and C.-C.Chang, “A novel efficient (t, n) threshold proxy signature scheme,” Information sciences, vol. 176, no. 10, pp. 1338–1349, 2006. [6] Y. Desmedt, “Some recent research aspects of threshold cryptography,” in International Workshop on Information Security. Springer, 1997, pp. 158–173. [7] V. Shoup, “Practical threshold signatures,” in International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2000, pp. 207–220. [8] C. P. Chen and C.-Y. Zhang, “Data-intensive applications, challenges, techniques and technologies: A survey on big data,” Information Sciences, vol. 275, pp. 314–347, 2014. [9] C. Songsheng and Y. Peipei, “Economic benefits of enterprise resources planning (erp)-based on empirical evidence from chinese listed companies,” in Logistics Systems and Intelligent Management, 2010 International Conference on, vol. 3. IEEE, 2010, pp. 1305–1308.