Multiparty Authorization for Secure Data Storage in Cloud Environments using Improved Attribute-Based Encryption

TL;DR

This paper introduces an improved attribute-based encryption scheme with multiparty authorization for secure cloud data storage, enhancing security and efficiency while reducing storage overhead and resisting collision attacks.

Contribution

It proposes a novel multiparty authorization method using scalar points on a parabola and secret sharing, improving security and performance in cloud data encryption.

Findings

Scheme resists collision attacks.

Encryption time increases with more attributes.

Minimal storage overhead regardless of user count.

Abstract

In todays scenario, various organizations store their sensitive data in the cloud environment. Multiple problems are present while retrieving and storing vast amounts of data, such as the frequency of data requests (increasing the computational overhead of the server) and data leakage while storing. To cope with said problem, Attribute-Based Encryption (ABE) is one of the potential security and access control techniques for secure data storage and authorization. The proposed work divides into two objectives: (i) provide access to authorized users and (ii) secure data storage in a cloud environment. The improved ABE using Functional Based Stream Cipher (FBSE) is proposed for data storage. The proposed technique uses simple scalar points over a parabolic curve to provide multiparty authorization. The authorization points are generated and share only with the authorized recipients. The Shamir secret sharing technique generate the authorization points and 2D-Lagrange Interpolation is used to reconstruct the secret points from regular parabola. The proposed scheme has specified the threshold (Ts>3) legally authorized users to reconstruct the attribute-associated keys for decryption. The encryption of data is evaluated using Statistical analysis (NIST Statistical Test Suite, Correlation Coefficient, and Histogram) test to investigate image pixel deviation. The parameters like encryption and decryption are used for performance analysis, where an increase in the number of attributes for the authorization policy will increase the encryption time. The proposed scheme imposes minimal storage overhead, irrespective of the users identity. The security analysis evidence that it resists collision attacks. The security and performance analysis results demonstrate that the proposed scheme is more robust and secure.