The Centre for Computer and Information Security Research (CCISR) invites you to attend the Crypto Seminar with the following details:
Date/time: Tuesday 8 Nov 1.30pm-2.30pm
Venue: 214 Infrastructure Security Lab, Smart Building
- The first talk:
Title: One-round Attribute-based Key Exchange in the Multi-Party Setting
Speaker: Yangguang Tian
Abstract: Attribute-based authenticated key exchange (AB-AKE) is a useful primitive that allows a group of users to establish a shared secret key and at the same time enables fine-grained access control. A straightforward approach to designing an AB-AKE protocol is to extend a key exchange protocol using an attribute-based authentication technique. However, insider security is a challenging security issue for AB-AKE in the multi-party setting and cannot be solved using the straightforward approach. In addition, many existing key exchange protocols for the multi-party setting (e.g., the well-known Burmester-Desmedt protocol) require multiple broadcast rounds to complete the protocol. In this paper, we propose a novel one-round attribute-based key exchange (OAKE) protocol in the multi-party setting. We define the formal security models, including session key security and insider security, for OAKE, and prove the security of the proposed protocol under some standard assumptions in the random oracle model.
- The second talk:
Title: Privacy-preserving Cloud Auditing with Multiple Uploaders
Speaker: Ge Wu
Abstract: Provable data possession (PDP) allows the cloud server to prove that its client's data is securely stored, and allows the data uploader to check the integrity of the data (alternatively, a third party auditor (TPA) can perform the auditing on behalf of the uploader). Sharing data among multiple uploaders is another attractive advantage of cloud storage. However, privacy issues on multiple uploaders should be considered. During an auditing process, the TPA should not be able to learn the identity of the uploader. To address this problem, some privacy-preserving auditing schemes were found in the literature, utilizing ring signature or group signature techniques, which are not computationally efficient. How to improve efficiency in a cloud storage system with multiple uploaders is a challenge. In this paper, we propose an anonymous cloud auditing scheme with multiple uploaders (ACAMU). The authentication tag of a message consists of only one element. Therefore, the storage cost of the tags and the transmission and verification cost during the auditing process can be significantly reduced. We provide a full security proof for our scheme. Meanwhile, our scheme achieves unconditional anonymity for the uploaders, namely, the TPA cannot distinguish the identity of the uploader even though it holds all the uploaders' secret keys after performing the auditing operation.