Continuous leakage-resilient certificate-based signcryption scheme and application in cloud computing

Abstract

Leakage of private information, e.g. the secret keys, has become a serious threat to the security of computing systems. It has become a common requirement that real-world security applications should withstand various leakage attacks, such as side-channel attacks, cold-boot attacks, etc. For example, the above leakage attacks are very common in cloud computing nowadays. Hence, we need a novel method to protect the security of data storage and authorization even if a certain amount of leakage information with respect to the secret state can be obtained by any adversary. In order to achieve the above goal, in this paper, we introduce a continuous leakage-resilient certificate-based signcryption (CBS) scheme, and we prove that our proposed scheme achieves the chosen-ciphertext attacks (CCA) security based on the discrete logarithm assumption and the decisional Diffie-Hellman assumption. Our proposed scheme not only has the ability to resist the continuous leakage attacks, but also enjoys very low computational overheads. Moreover, two concrete continuous leakage-resilient data storage and authorization protocols are generated from the above continuous leakage-resilient CBS scheme: one has a single key generation center and the other generates the keys in a distributed form. Therefore, our protocols with continuous leakage resilience are particularly suitable for data storage and authorization in cloud computing system.