KR20150034591A - Cloud server for re-encrypting the encrypted data and re-encrypting method thereof - Google Patents

Cloud server for re-encrypting the encrypted data and re-encrypting method thereof Download PDF

Info

Publication number
KR20150034591A
KR20150034591A KR20140060366A KR20140060366A KR20150034591A KR 20150034591 A KR20150034591 A KR 20150034591A KR 20140060366 A KR20140060366 A KR 20140060366A KR 20140060366 A KR20140060366 A KR 20140060366A KR 20150034591 A KR20150034591 A KR 20150034591A
Authority
KR
South Korea
Prior art keywords
data
key
encryption
cloud server
decryption
Prior art date
Application number
KR20140060366A
Other languages
Korean (ko)
Inventor
서승우
박영훈
Original Assignee
서울대학교산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 서울대학교산학협력단 filed Critical 서울대학교산학협력단
Publication of KR20150034591A publication Critical patent/KR20150034591A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

This disclosure relates to cloud storage services and relates to techniques for enabling encrypted data to be decrypted and viewed even if the user loses the password. A cloud server according to the present invention is a cloud server that provides a cloud storage service to a plurality of user equipments and includes a communication unit for performing communication between a plurality of user equipments and the cloud server and a communication unit for communicating data received from at least one user equipments And a processing unit for generating new data by re-encrypting the stored data, wherein the stored data is encrypted data decrypted by the first decryption key into original data, and the new data is decrypted by the second decryption key The processing unit refers to a re-encryption key different from the first and second decryption keys, and performs re-encryption without decoding the original data by the first decryption key.

Description

[0001] CLOUD SERVER FOR RE-ENCRYPTING THE ENCRYPTED DATA AND RE-ENCRYPTING METHOD THEREOF [0002]

The present disclosure relates to a cloud server providing cloud storage service, and more particularly, to a cloud server for re-encrypting encrypted data and a re-encryption method thereof.

Cloud services are a mix of computing and communication services, such as virtualization, utility, and on demand computing. Typically, virtualized computer systems are used to provide users with a variety of software, security solutions, or computing resources. Means the service provided.

In particular, the cloud service can provide a wide range of data storage services to the user, allowing the user to store programs or documents individually stored in the personal computer device in an Internet-based cloud server. And, the user can drive or browse a program or a document stored in the cloud server through various terminals such as a personal computer or a smart phone. This cloud service has the advantage of allowing the user to freely access the stored data without being affected by the place, and to utilize a richer computing resource than the user can personally provide.

On the other hand, as the data storage service using the cloud is widely used, secret data such as personal information, private data, and business secrets of the enterprise are increasingly stored in the cloud server. To this end, some cloud services encrypt stored data to prevent data from being leaked to a third party. Some of them are not to store the encryption information separately in the cloud server (for example, spideroak or boxcryptor) so that the cloud service provider can not arbitrarily browse the data stored in the cloud server, In such a system, only the user can have the encryption information or decrypt the encrypted data. However, in this case, the user's confidence in the security of the stored data may be improved, but when the user loses the encryption information (or encryption means), either the cloud server (or the service provider) There is a problem that the user can not decrypt the encrypted data again.

Cryptology "Direct Constructions of Bidirectional Proxy Re-Encryption with Alleviated Trust in Proxy", Jian Weng and Yunlei Zhao, in the 2011 report of ePrint Archive.

An object of the present invention is to provide a cloud server and a re-encryption method thereof for re-encrypting data encrypted with existing encryption information in a cloud storage service as new encryption information without a decryption process.

It is another object of the present invention to provide a cloud storage service configured so that a service provider can not also browse stored data, in which a user newly renews encryption information in place of lost encryption information, A cloud server capable of decrypting data, and a re-encryption method thereof.

A cloud server for providing a cloud storage service to a plurality of user devices according to embodiments of the present invention includes a communication unit for performing communication between the plurality of user devices and the cloud server; A data storage unit for storing data received from at least one of the plurality of user devices; And a processor for re-encrypting the stored data to generate new data, wherein the stored data is encrypted data decoded into original data by a first decryption key, and the new data is decrypted by the second decryption key, And the processing unit performs the re-encryption without decoding the original data by the first decryption key with reference to a re-encryption key different from the first and second decryption keys .

In an embodiment, the first decryption key and the second decryption key are different from each other.

As an embodiment, the decoding to the original data by the first decoding key and the decoding to the original data by the second decoding key are performed by the same decoding algorithm.

In an embodiment, the second decryption key is stored exclusively in the at least one user device.

In an embodiment, the stored data is data obtained by encrypting the original data with an encryption key corresponding to the first decryption key.

In an embodiment, the encryption key and the other encryption key corresponding to the second decryption key are stored exclusively in the at least one user device.

As an embodiment, the encryption of the original data by the encryption key is performed by an encryption algorithm represented by the formula M enc = (C, Z) = (M x e (g 1 , k e ) r , g 1 r ) Wherein M enc is the encrypted data, C and Z are two parameters included in the encrypted data, M is the original data, e is e (u a , v b ) = e (u, v) ab , k e is the encryption key, g1 is a factor value provided for encryption, and r is a random number.

As an embodiment, the decoding to the original data by the first decoding key is performed by a decoding algorithm using a function h expressed by the equation h (C, Z) = C / [e (Z, g 2 ) kd ] and the k d is the independent variable in the first decryption key, and wherein g 2 is a factor value, and wherein the C and Z is the decryption algorithm, each of the encrypted data that is provided for decoding by the first decoding key Is substituted into the function h.

By way of example, re-encryption of the stored data, the formula M enc '= (A, B ) = is performed by the re-encryption algorithm represented by the (C × e (Z, k re), Z), wherein M enc' Is the new data re-encrypted, A and B are two parameters included in the re-encrypted new data, and k re is the re-encryption key.

In an embodiment, the at least one user device determines the re-encryption key with reference to the encryption key and the other encryption key, and provides the determined re-encryption key to the cloud server.

In an embodiment, the at least one user device comprises one or more participating clients or non-participating clients.

A method of re-encrypting data in a cloud server providing cloud storage services to a plurality of user devices according to embodiments of the present invention includes: checking a password lost message from at least one user device among the plurality of user devices; Providing a seed key to the at least one user device in accordance with the confirmation result; Generating a re-encryption key based on the seed key and the new password; And re-encrypting the first encrypted data decrypted with the first decryption key with the original data, with the second decryption key, with the second decrypted data decrypted with the original data with reference to the re-encryption key, And the re-encrypting step re-encrypts the first encrypted data with the second encrypted data without decoding the original data by the first decryption key.

In an embodiment, the second decryption key is stored exclusively in the at least one user device.

In an embodiment, the second encrypted data is stored in the cloud server and is provided to the at least one user device upon request of the at least one user device.

In an embodiment, the first decryption key and the second decryption key are different from each other.

As an embodiment, the decoding to the original data by the first decoding key and the decoding to the original data by the second decoding key are performed by the same decoding algorithm.

According to the embodiment of the present disclosure, the encryption information for the data is not shared with the service provider. Therefore, only the user can decrypt the data, and the security of the data is improved.

Also, the user can re-encrypt the data encrypted with the existing encryption information into new encryption information without a separate decryption process.

Further, even when the user loses the encryption information, the user can newly update the encryption information in place of the lost encryption information, and can freely decrypt and browse the data encrypted with the lost encryption information through the updated encryption information.

1 is a conceptual diagram illustrating a cloud system, in accordance with embodiments of the present disclosure;
2 is a block diagram showing a specific configuration of the cloud server shown in FIG.
FIGS. 3 and 4 are diagrams illustrating a method of generating encryption information in a cloud system according to embodiments of the present invention. FIG.
5 is a flowchart illustrating a data encryption method of a cloud system according to embodiments of the present invention.
6 is a flowchart showing a data decoding method of a cloud system according to embodiments of the present invention.
7 is a block diagram schematically illustrating a method of re-encryption of a cloud server according to embodiments of the present invention.
8 and 9 are diagrams illustrating a method for generating new encryption information in a cloud system according to embodiments of the present invention.
10 is a flowchart specifically illustrating a data re-encryption method of a cloud system according to embodiments of the present invention.

The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of illustration, specific embodiments in which the disclosure may be practiced. These embodiments are described in sufficient detail to enable those skilled in the art to practice the specification. It should be understood that the various embodiments herein are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the disclosure in relation to one embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the disclosure. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of this specification is principally defined in the appended claims, encompassing the possible claims within the claims and their possible equivalents . Where similar reference numerals are used in the figures, similar reference numerals used refer to the same or similar functions for various embodiments.

In the cloud storage service, even if the data stored in the cloud server is leaked, the data must be encrypted to ensure the confidentiality of the data. Furthermore, in order to more fully secure the confidentiality of data, the provider of the cloud service also needs to hold the encryption information for encrypting or decrypting the data alone, not shared with the service provider, so that the stored data can not be opened .

However, in this case, since the encryption information can not be obtained again from the service provider, if the user loses the encryption information, the encrypted data stored in the cloud can not be decrypted or browsed again. Thus, in this specification, a means is provided for freely decrypting or browsing stored data even if the user loses the encrypted information by renewing the encryption information in lieu of the lost encryption information and re-encrypting the stored data with the updated encryption information do.

Prior to the earliest description of the specification, the terms used throughout the specification are defined.

Definition of Terms

Cloud server: A device that connects to clients through wired / wireless communication and provides cloud storage services to users. And stores various user information or data.

Participating client: A user device that stores a user's encryption key and decryption key as encryption information, and is a client registered in advance in the cloud server. For example, a computer with a cloud server sync program or a smartphone with a cloud app installed can be a participating client.

Sync program: It is a program that synchronizes the file and folder structure stored in the cloud server with the file and folder structure of the client as an application linked to the cloud storage service.

Non-participating client: A user device that does not store the user's encryption key and decryption key, and is not previously registered with the cloud server. For example, a public computer that does not have a sync program installed can be a non-participating client.

M: The data that the user stores in the cloud. When stored in the cloud, it is stored in encrypted form (Menc).

k s : The seed key that the cloud server has.

ID, pw log : Login ID and password for the user to connect to the cloud server. The user knows both the login ID and the password, and the cloud stores the hash value of the login ID and login password.

pw enc : Encryption password to generate encryption information. The password used to encrypt or decrypt the data stored in the cloud, only the user knows it and is not shared with the cloud server.

f (x, y): Generation function for generating encryption information. From the two input values, a predetermined result that is calculated in the polynomial time is calculated (i.e., the result is calculated within a predetermined time). However, when z = f (x, y), it is very difficult to find the other one of x and y even if x and y and z are known. It is shared with both the cloud server and the client.

g 1 ∈ G 1 , g 2 ∈ G 2 : any value that the cloud server generates. Here, the set G 1 in which g 1 and g 2 are generated or selected, G 2 may be different from each other, and g 1 and g 2 are values used for encrypting and decrypting data. g 2 is also used as a method for generating a user's encryption key.

e: Bilinear map mapped as G 1 × G 2 → G T. e (u a, v b) = e (u, v) is a function having the characteristics ab.

k d : decryption key for decrypting the encrypted data (Menc). is calculated by substituting the encryption secret and the seed key as two input values of k d = f (pw enc , k s ), that is, f (x, y).

k e : An encryption key for encrypting data. k e = g 2 kd , that is, g 2 and k d , and k e has only the user. In the public key cryptosystem, k e is paired with k d and can be derived from the k d in polynomial time. On the other hand, k e is derived very easily from k d , but it is difficult to derive k d from k e .

r: random number

A '(where A is an arbitrary value): A is updated or updated.

In the following, the embodiments of the present invention will be described in detail with the assumption that the terms are defined as above.

1 is a conceptual diagram illustrating a cloud system, in accordance with embodiments of the present disclosure; Referring to FIG. 1, a cloud system 1000 includes a cloud server 1100, a user device 1200, and a communications network 1300.

The cloud server 1100 is communicatively coupled to a plurality of communication devices, including the user device 1200, via a communication network 1300. The cloud server 1100 provides general or personalized services (e.g., data storage resources and data processing services) to the user device 1200 connected to the cloud server 1100 using its own processing means. As an example, the cloud server 1100 may have log-on means for controlling connections from the user device 1200, either individually or collectively.

The specific configuration, function, and operation method of the cloud server 1200 will be described in more detail in Fig. 2 and the following.

The user device 1200 is connected to the cloud server 1100 through the communication network 1300 and transmits data to the cloud server 1100 or receives data from the cloud server 1100. [ The user device 1200 includes a participating client 1210 or a non-participating client 1220. User device 1200 may be a computing device such as a personal computer, a public computer, a server computer, or a mobile device such as a laptop, smart phone, smart TV, tablet PC, PDA, etc., have.

The specific configuration, function, and operating method of the user device 1200 will be described in more detail below with reference to FIG.

The communication network 1300 communicatively connects the cloud server 1100 and the user device 1200. The communication network 1300 relays data transmission between the cloud server 1100 and the user device 1200 through, for example, a mobile communication network 1310 or a wireless LAN 1320 provided by a mobile communication company. Communication network 1300 includes hardware or software optimized for various communication standards and may include general communication means through which objects and objects may be networked.

The communication network 1300 may be a wireless LAN (Local Area Network), a metropolitan area network (MAN), a Global System for Mobile Network (GSM), an Enhanced Data GSM Environment (EDGE), a High Speed Downlink Packet Access (HSDPA) (Code Division Multiple Access), Time Division Multiple Access (TDMA), Bluetooth, Zigbee, Wi-Fi, Voice over Internet Protocol (VoIP) , LTE Advanced, IEEE 802.16m, WirelessMAN-Advanced, HSPA +, 3GPP Long Term Evolution (LTE), Mobile WiMAX (IEEE 802.16e), UMB (formerly EV- DO Rev. C), Flash-OFDM, iBurst and MBWA 802.20) systems, HIPERMAN, Beam-Division Multiple Access (BDMA), Wi-MAX (World Interoperability for Microwave Access) and ultrasound-enabled communications.

In the embodiments herein, the user device 1200 is comprised of a participating client 1210 or a non-participating client 1220. The user apparatus 1200 has an encryption key and a decryption key that are not shared with the cloud server 1200 and encrypts and decrypts data stored in the cloud server 1200 through the encryption key and the decryption key.

In addition, when the encrypted password pw enc is lost, the user device 1200 updates the encryption key and the decryption key according to the new encryption password pw enc ', and generates the re-encryption key using the updated encryption key. The generated re-encryption key is provided to the cloud server 1100. The cloud server 1100 re-encrypts the stored data with reference to the re-encryption key. The re-encrypted data is decodable data with the updated decryption key.

The method by which the user device updates the encryption key and decryption key, generates the re-encryption key, and the specific method by which the cloud server 1100 re-encrypts the stored data according to the re-encryption key is described in detail below in FIG.

According to the above configuration, the encryption information for the stored data is not shared with the service provider. Therefore, only the user can decrypt the data, and the security of the data is improved.

Also, since the user can re-encrypt the data encrypted with the existing encryption information into new encryption information without performing a separate decryption process, data stored in the cloud server can be decrypted and browsed freely even if encryption information is lost.

2 is a block diagram showing a specific configuration of the cloud server shown in FIG. Referring to FIG. 2, the cloud server 1100 includes a processing unit 1110, a data storage unit 1120, and a communication unit 1130.

The processing unit 1110 re-encrypts the encrypted data M enc by referring to data received via the wireless network 1300, and controls the overall operation of the cloud server 1100. As an example, processing unit 1110 may generate a seed key (k s ) to generate encryption information. In addition, the processing unit 1110 can confirm the login of the user by confirming the login ID and the login password of the user.

The data storage unit 1120 stores the encrypted data M enc . As an example, the data storage unit 1120 may further store seed keys (k s ), argument values (g 1 , g 2 ) for data encryption and decryption, a user's login ID, and a login password. The data storage unit 1120 is a computer-readable storage medium, and may include volatile or non-volatile memory.

The data storage unit 1120 may be configured as one piece of hardware included in a single server or may be configured as a virtualization system logically combining a plurality of storage media distributed to a plurality of servers.

The communication unit 1130 performs communication or data transmission / reception between the cloud server 1100 and the wireless network 1300. The communication unit 1130 has interface means communicatively connected to the wireless network 1300 and receives data from the wireless network 1300. [ The received data may be provided to each module 1210, 1220 of the cloud server 1100.

FIGS. 3 and 4 are diagrams illustrating a method of generating encryption information in a cloud system according to embodiments of the present invention. FIG. FIG. 3 shows a method of generating an encryption information when the user apparatus is a participating client, and FIG. 4 shows a method of generating encryption information when the user apparatus is a non-participating client.

3 and 4, the decryption key (k d ) generated according to the encryption information generating method is stored only in the user (participating client or non-participating client) and not in the cloud server 1100. Furthermore, the encryption key (k e ) generated according to the encryption information generation method may also be stored only in the user (participating client or non-participating client) and not shared in the cloud server 1100.

Referring to FIG. 3, a method 100 for generating an encryption information is performed through communication between a participating client 1210 and a cloud server 1100.

The participating client 1210 generates a login ID and a login password (pw log ) of the user to access the cloud server 1100, and transmits the generated ID and password to the cloud server 1100 (110).

The cloud server 1100 confirms the ID and password (pw log ) transmitted from the participating client 1210 and determines 120 whether to approve the participating client 1210. Once the participating client 1210 is approved, the cloud server 1100 generates (130) a seed key (k s ) and factor values g 1 , g 2 (130) to generate encryption information (in particular a decryption key) Sends the seed key (k s ) and argument values (g 1 , g 2 ) to the participating client 1210 together with the generation function f.

The user or participating client 1210 and determines the encrypted password (pw enc), generating function (f) by substituting the encrypted password (pw enc) and a seed key (k s) to the encryption information, such as decryption key ( It generates a k d) and the encryption key (k e),.

A concrete embodiment for generating the encryption information from the encryption secret (pw enc ) and the seed key (k s ) will be described later in conjunction with FIG.

As an embodiment, participating client 1210 may store 160 a user's login ID, login password pw log , encrypted password pw enc , or encryption information k e , k d . Furthermore, the participating client 1210 may further store the factor values g 1 , g 2 .

As an example, the cloud server 1100 may store 170 the user's login ID and login password pw log .

However, if the user's login ID and login password (pw log ) are already registered in the cloud server 1100, the user newly inputs the login ID and the login password pw log ). In this case, the user can connect to the cloud server 1100 simply by inputting and transmitting the login ID and the login password (pw log ).

According to the above configuration, the participating client 1210 can generate the encryption information (k e , k d ) through communication with the cloud server 1100.

Referring to FIG. 4, a method 200 for generating an encryption information is performed through communication between a non-participant client 1220 and a cloud server 1100.

The non-participating client 1220 inputs the user's login ID and login password (pw log ) to access the cloud server 1100, and transmits the entered ID and password to the cloud server 1100 (210).

The cloud server 1100 checks the ID and the password pw log sent from the non-participating client 1220 and refers to the ID and the password pw log to generate the seed function k s And the argument value g 2 to the non-participating client 1220. At this time, the cloud server 1100 to the group presence seed key (k s) and search for the value of the argument (g 2) and may provide a non-participating client 1220, a group exists, the seed key (k s) and factors that If there is no value (g 2 ), it may be newly generated and provided. By way of example, if the non-participating client 1220 is to encrypt the data (M) to be uploaded to the cloud server 1100, a cloud server 1100 is the argument value (g 2) in place of or parameter value (g 2) (G < 1 >) for encryption.

Then, the user or non-participating client 1220 is encrypted password (pw enc) a crystal or the input to generate a function (f) encryption by substituting the encrypted password (pw enc) and a seed key (k s), information on, for example, To determine a decryption key (k d ) and an encryption key (k e ).

A concrete embodiment for generating the encryption information from the encryption secret (pw enc ) and the seed key (k s ) will be described later in conjunction with FIG.

As an embodiment, non-participating client 1220 may at least temporarily store a user's login ID, login password pw log , encrypted password pw enc , or encryption information k e , k d . Furthermore, the non-participating client 1220 may further store the argument values g 1 , g 2 at least temporarily.

Here, it is assumed that the user's login ID and login password (pw log ) are already registered in the cloud server 1100. Otherwise, the user will be connected to the cloud server 1100 by creating and sending a new login ID and login password (pw log ).

According to the above configuration, the non-participating client 1220 can generate the encryption information (k e , k d ) through communication with the cloud server 1100.

5 is a flowchart illustrating a data encryption method of a cloud system according to embodiments of the present invention. Referring to FIG. 5, the data encryption method of the cloud system 1000 (see FIG. 1) includes steps S110 to S130.

In FIG. 5, the cloud system 1000 may utilize at least one of a variety of encryption algorithms known in the art to encrypt data for storage in the cloud server 1100 (see FIG. 1). For example, the cloud system 1000 is described in the Cryptology ePrint Archive 2011 report entitled " Direct Constructions of Bidirectional Proxy Re-Encryption with Alleviated Trust in Proxy ", by Jian Weng and Yunlei Zhao Quot; can be used to encrypt data. The cloud system 1000 can encrypt data using other encryption algorithms known in the art and can be encrypted by the method of Jian Weng and Yunlei Zhao The method is not limited.

In step S110, the user device 1200 generates a decryption key (k d) with reference to a seed key (ks). The decryption key (k d ) is generated by substituting the encryption secret (pw enc ) and the seed key (k s ) into the generation function f (x, y) defined above as shown in equation (1).

k d = f (pw enc , k s ) ... Equation (1)

Here, the encrypted password pw enc is a password used for data encryption or decryption, and is a value determined and known by the user. As an example, the seed key (k s ) may be pre-stored in the user device 1200 or provided from the cloud server 1100 (see FIG. 1). In the meantime, the generation function f has been described as a function having two input values, but this is merely an example, and the generation function f may be a function having three or more input values. In this case, other input values of the generation function f may be a value determined by the user or provided by the cloud server 1100.

In step S120, the user device 1200 generates an encryption key (k e ) from the decryption key (k d ). The encryption key (k e ) can be generated using the decryption key (k d ) and the argument value (g 2 ) as shown in equation (2).

k e = g 2 kd ... Equation (2)

In step S130, the user device 1200 encrypts the original data M in accordance with an encryption method such as Equation (3) using the generated encryption key (k e ). As an embodiment, it may refer to a previously stored or provided prestored value g 1 from the cloud server 1100 to encrypt the original data M. The encrypted data (M enc ) is uploaded and stored in the cloud server 1100.

M enc = (M x e (g 1 , k e ) r , g 1 r ) = (C, Z) Equation (3)

That is, the user device 1200 generates the encrypted data M enc having two parameters C and Z by processing the original data M as shown in equation (3).

5, it is assumed that the user device 1200 newly generates an encryption key (k e ) for data encryption. However, this is an example, and the user device 1200 may store the encryption key (k e ) may be used to encrypt the data. In this case, steps S110 and S120 of FIG. 5 may be omitted, and the data encryption method may include two steps of reading the original data M and encrypting the read data.

Further, in the embodiment of FIG. 5, the cloud system 1000 is assumed to encrypt data using a scheme that does not disclose the encryption key (k e ), but this is only exemplary and the scope of the present disclosure is limited thereto It is not. For example, the cloud system 1000 can encrypt data in a public key cryptosystem.

Further, in the embodiment of FIG. 5, the cloud system 1000 is assumed to encrypt data using an asymmetric key encryption scheme in which the encryption key (k e ) and the decryption key (k d ) are different, The scope of the present specification is not limited thereto. For example, the cloud system 1000 can encrypt data with a symmetric key encryption scheme.

According to the above configuration, the cloud system 1000 can encrypt data to be stored in the cloud server 1100 using the encryption key (k e ).

6 is a flowchart showing a data decoding method of a cloud system according to embodiments of the present invention. Referring to FIG. 6, the data decoding method of the cloud system 1000 (see FIG. 1) includes steps S210 to S220.

In Figure 6, the cloud system 1000 may utilize at least one of a variety of decryption algorithms known in the art to decrypt the data stored in the cloud server 1100 (see Figure 1). For example, the cloud system 1000 is described in the Cryptology ePrint Archive 2011 report entitled " Direct Constructions of Bidirectional Proxy Re-Encryption with Alleviated Trust in Proxy ", by Jian Weng and Yunlei Zhao &Quot; can decrypt the data using a decryption algorithm according to " However, it is to be understood that the cloud system 1000 can encrypt data using other decryption algorithms known in the art and can be decrypted by the method of Jian Weng and Yunlei Zhao The method is not limited. However, the decryption method at this time is paired with the encryption method used in FIG. 5 and should be able to decrypt the encrypted data M enc in FIG.

In step S210, the user device 1200 reads the encrypted data M enc from the cloud server 1100 or from another storage medium (e.g., data storage 1120). The read data M enc may be temporarily stored in the use device 1200 for decoding.

In step S220, the user device 1200 decrypts the encrypted data M enc in accordance with the decryption key (k d ) to restore the original data (M). The decryption key (k d ) is stored in the user device 1200 in advance. The user device 1200 restores the original data M through a decoding method paired with a method of encrypting the data. For example, if the data is encrypted with the encryption method of FIG. 4, the user device 1200 decrypts the encrypted data M enc according to the method of equation (4).

First, a function h with h (C, Z) = C / [e (Z, g 2 ) kd ]

In the decoding process, two parameters of M enc = (C, Z) = (M × e (g 1 , k e ) r , g 1 r ) are substituted into the input value of the function h.

h (C, Z) = h (M × e (g 1, k e) r, g 1 r) = M × e (g 1, k e) r) / [e (g 1 r, g 2) kd ]

= M × e (g 1 , g 2 ) kd × r / [e (g 1 , g 2 ) kd × r ] = M Equation (4)

That is, in step S220, the user device 1200 inputs the encrypted data M enc to the data processing method represented by the function h, and decodes the original data M as a result.

6, the user equipment 1200 may read and use a decryption key (k d ) stored in advance from a storage medium (for example, the data storage unit 1120) a new decryption key k d may be generated from the new key pw enc . As an embodiment, the decryption key (k d ) may be deleted after completion of data decoding or after logout of the user device 1200, in order to enhance the security of the encrypted data (M enc ). In this case, the decryption key (k d ) may be newly generated from the encrypted secret (pw enc ) when decrypting the data or when the user device 1200 logs in.

In addition, the decoding method of FIG. 6 is paired with the encryption method described in FIG. Therefore, when the encryption method of FIG. 5 is the public key encryption method or the symmetric key encryption method, the decryption method of FIG. 6 may be a decryption method of the corresponding method.

According to the above configuration, the cloud system 1000 can decrypt the encrypted data M enc of the cloud server 1100 using the decryption key k d to obtain the original data M. [

On the other hand, Fig. 7 or the encrypted immediately re without decoding the data (M enc) encrypted with which encryption key (k e), the encrypted data (M enc) to another encryption key (k e ') data (M enc ').

This method provides a means for restoring the original data M even if the user loses the means (e. G. , Pw enc ) for decrypting the encrypted data M enc . At this time, after setting a new password pw enc 'and generating a decryption key k d ' corresponding thereto, the user sets the previous data M enc to be decryptable with the new decryption key k d ' Encryption (M enc ').

On the other hand, in the following embodiments, a method of responding to the case where the login ID and the login password (pw log ) are lost is not discussed. The login information (login ID and login password) is information stored in the cloud server 1100, and even if the user loses login information, the login information can be received again from the cloud server 1100 through a predetermined authentication procedure.

7 is a block diagram schematically illustrating a method of re-encryption of a cloud server according to embodiments of the present invention. (See 1100, Fig. 1) 7, a cloud server to the first encryption information (ke, kd) to re-encrypt the encrypted data 1110, 1120, second encryption information (k e ', k d Quot;) encrypted data 1130. < / RTI >

The encrypted data 1110 is data encrypted with the first encryption information (k e , k d ). The encrypted data 1110 is data (M enc ) obtained by encrypting the original data M by the first encryption key (k e ). The user can restore the original data M from the encrypted data 1110 using the first decryption key (k d ).

The re-encrypted data 1130 is the data encrypted by the first encryption information (e k, k d) which is different from the second encryption information (e k ', k d'). The re-encrypted data 1130 corresponds to the data (M enc ') obtained by encrypting the original data M by the second encryption key (k e '). The user can restore the original data M from the re-encrypted data 1130 using the second decryption key (k d ').

In FIG. 7, the cloud server 1100 converts the encrypted data 1110 to the re-encrypted data 1130 through a re-encryption operation 1120. [ At this time, the cloud server 1100 re-encrypts the encrypted data 1110 without decoding it, thereby generating the re-encrypted data 1130. [ Thus, the re-encryption operation 1120 does not require the first encryption information (k e , k d ). Further, the re-encryption operation 1120 does not require the second encryption information (k e ', k d '). However, the cloud server 1100 refers to the re-encryption key (k re ) provided from the user device 1200 (see FIG. 1) for the re-encryption operation 1120. Re-encryption key (k re) of the first encryption key (k e) and a second or an encrypted key, see (k e ') to produce a value, the first encryption key (k e) and the second encryption key (k e '), And may be a value different from the first encryption key (k e ) and the second encryption key (k e ').

8 and 9 are diagrams illustrating a method for generating new encryption information in a cloud system according to embodiments of the present invention. 8 shows a method of generating new encryption information when the user apparatus 1200 (see FIG. 1) is a participating client, and FIG. 9 shows a method of generating new encryption information when the user apparatus 1200 is a non-participating client.

8 and 9, a new decryption key (k d ') generated according to the new encryption information generation method is stored only in the user device 1200 (participating client or non-participating client), and is stored in the cloud server 1100 , See Fig. 1). Furthermore, a new encryption key (k e ') generated according to the new encryption information generation method may also be stored only in the user device 1200 (participating client or non-participating client) and not shared with the cloud server 1100. Only a re-encryption key (k re ) is generated and provided to the cloud server 1100 for re-encryption of the data (M enc ) stored in the cloud server 1100.

In the embodiment of Figures 8 and 9, the user assumes that the encrypted password pw enc has been lost. 8 and 9, the user sets a new encryption key pw enc 'and generates new encryption information (k e ', k d ') and re-encryption key (k re ) accordingly.

Referring to FIG. 8, a new encryption information generation method 300 is performed through communication between the participating client 1210 and the cloud server 1100.

The participating client 1210 reports the loss of the encrypted password pw enc to the cloud server 1100 (310). The lost report message is transmitted to the cloud server 1100, and the cloud server 1100 can confirm the user who transmitted the lost report through the login ID and the login password (pw log ).

The cloud server 1100 approves the loss report after user confirmation (320). Then, a new seed key (k s ') is generated and transmitted to the participating client 1210 (330). As an example, the cloud server 1100 may further send the required parameter values (e.g., g 1 or g 2 ) to the participating client 1210.

The user decides (340) a new encrypted secret (pw enc ') through the participating client 1210 and generates a new encrypted secret (pw enc ') in the same manner as the method for generating the encrypted information (k d , k e ) A new decryption key k d 'and a new encryption key k e ' are sequentially generated 350 by substituting the encryption key pw enc 'and the new seed key k s '.

The participating client 1210 refers to the generated new encryption information (k e ', k d ') and generates a re -encryption key (k re ). The generated re-encryption key (k re ) is a value determined with reference to new encryption information (e.g., k e ') and previous encryption information (e.g., k e ) , k e, and k e ') and information derived therefrom. For example, the re-encryption key (k re ) may be a value that represents the ratio of the referenced values as a fraction (i.e., k re = k e '/ k e ).

The participating client 1210 sends the re-encryption key k re to the cloud server 1100 and the cloud server 1100 re-encrypts the encrypted data M enc according to the re -encryption key k re . The re-encrypted data (M enc ') is data that can be decrypted with the new decryption key (k d ').

The specific method by which the cloud server 1100 re-encrypts using the re -encryption key (k re ) is described in detail in FIG. 10 and includes new encryption information (k e ', k d ') and re- k re ) are the same as described above.

9, a method 400 for generating new encryption information is performed through communication between the non-participating client 1220 and the cloud server 1100. [

The non-participating client 1220 reports the loss of the encrypted password pw enc to the cloud server 1100 (410). The lost report message is transmitted to the cloud server 1100, and the cloud server 1100 can confirm the user who transmitted the lost report through the login ID and the login password (pw log ).

The cloud server 1100 approves the loss report after user confirmation (420). Then, a new seed key (k s ') is generated and transmitted to the non-participating client 1220 (430). As an example, the cloud server 1100 may further send the required factor values (e.g., g 1 or g 2 ) to the non-participating client 1220.

The user in the new encrypted password by the method in the same manner to determine the (pw enc ') and generate (440), the encrypted information (k d, k e), generates a function (f) via a non-participating client 1220 A new decryption key (k d ') and a new encryption key (k e ') are sequentially generated (450) by substituting the new encryption key (pw enc ') and the new seed key (k s ').

The non-participating client 1220 transmits the generated new encryption information k e ', k d ' to the participating client 1210, and the participating client 1210 transmits the received encryption information k e ', k d 'In a storage medium (for example, data storage unit 1120). At this time, the non-participating client 1220 and the participating client 1210 are connected via the communication network 1300 (see FIG. 1) or other communication means.

Non-participating client 1220 refers to the generated new encryption information (k e ', k d ') and generates a re -encryption key (k re ). The generated re-encryption key (k re ) is a value determined with reference to new encryption information (e.g., k e ') and previous encryption information (e.g., k e ) , k e, and k e ') and information derived therefrom. For example, the re-encryption key (k re ) may be a value that represents the ratio of the referenced values as a fraction (i.e., k re = k e '/ k e ).

The non-participating client 1220 sends the re-encryption key k re to the cloud server 1100 and the cloud server 1100 re-encrypts the encrypted data M enc according to the re -encryption key k re . The re-encrypted data (M enc ') is data that can be decrypted with the new decryption key (k d ').

The specific method by which the cloud server 1100 re-encrypts using the re -encryption key (k re ) is described in detail in FIG. 10 and includes new encryption information (k e ', k d ') and re- k re ) are the same as described above.

10 is a flowchart specifically illustrating a data re-encryption method of a cloud system according to embodiments of the present invention. 10, the data re-encryption method of the cloud system 1000 (see FIG. 1) includes steps S310 to S360.

In step S310, the user reports the loss of the encrypted password pw enc through the user device 1200 (see FIG. 1). At this time, the user device 1200 may be the participating client 1210 or the non-participating client 1220 described above. The lost report is transmitted to the cloud server 1100 (see FIG. 1). The user can provide the login information (ID, pw log ) to the cloud server 1100 in order to receive the lost report.

In step S320, the cloud server 1100 generates a new seed key k s ' in accordance with the loss report of the user. Configured the same as a new seed key (k s ') is the previous seed key (k s) different from that this principle and, thus limited is not a new seed key (k s') is the previous seed key (k s) . The generated seed key (k s ') is transmitted to the user device 1200 via the communication network 1300 (see FIG. 1). As an example, the cloud server 1100 may further send the required parameter values (e.g., g 1 or g 2 ) to the user device 1200.

In step S330, the user determines a new encrypted password pw enc '. The user device 1200 receives the determined encryption secret pw enc 'and generates a new decryption key k d ' from the encrypted secret pw enc 'and the transmitted seed key k s '.

In step S340, the user device 1200 generates a new encryption key (k e ') from the decryption key (k d '). The details of how to generate generated keys (k e ', k d ') and keys (k e ', k d ') are the same as described above. For example, the user device 1200 may decrypt the decryption key (k d ') from the encrypted secret (pw enc ') and the transmitted seed key (k s ') according to the method described in equations (1) And sequentially generates an encryption key (k e ').

In step S350, the user device 1200 generates the re -encryption key (k re ) by referring to the new encryption information (k e 'or k d ') and the previous encryption information (k e or k d ). For example, when encryption is performed according to the method described in equations (1) to (4), the re-encryption key (k re ) can be determined by equation (5).

k re = k e '/ k e ... Equation (5)

The generated re-encryption key (k re ) is provided to the cloud server 1100 via the communication network 1300 (see FIG. 1).

In step S360, the cloud server 1100 re-encrypts the encrypted data M enc stored in the cloud server 1100 according to the provided re-encryption key (k re ). Here, the encrypted data M enc is data encrypted according to the first encryption key (k e ), and is data that can be decrypted by the first decryption key (k d ). The encrypted data M enc is converted into data M enc 'which can be decoded by the new decryption key k d ' by re-encryption. Depending on which of the known data encryption schemes the cloud system 1000 employs, the specific method of re-encryption may vary. For example, when data encryption is performed according to the method described in the equations (1) to (4), the re-encryption method is performed according to the following method.

First, a re-encryption function p: G T × G 1 × G 2 → G T × G 1 , where p (A, B, C) = (A × e (B, C), B) is defined. Then, the re-encryption function p (A, B, C) three input values assigned to the two parameters and the re-encryption key (k re) of the encrypted data (M enc) and, as a result, the re-encrypted data as the (M enc ').

That is, M enc = (C, Z), k re ? P (A, B, C)

p (C, Z, k re ) = (C x e (Z, k re ), Z) = M enc '.

(C, Z) = (M x e (g 1 , k e ) r , g 1 r ) and k re = k e '/ k e in the equations (3) Z, k re ) are transformed as shown in equations (6) and (7).

p (C, Z, k re ) = (C × e (Z, k re), Z) = (M × e (g 1, k e) r × e (g 1 r, k re), g 1 r ) ... Equation (6)

On the other hand, in equation (2), k e = g 2 kd , Since k e '= g 2 kd ,

p (C, Z, k re ) = (M × e (g 1, k e) r × e (g 1 r, k re), g 1 r)

= (M × e (g 1 , g 2 kd) r × e (g 1 r, g 2 kd'- kd), g 1 r)

= (M × e (g 1 , g 2) kd × r × e (g 1, g 2) (kd'- kd) × r, g 1 r)

= (M × e (g 1 , g 2) kd' × r, g 1 r)

= (M x e (g 1 , k e ') r , g 1 r ) = M enc ' Equation (7)

Referring to Equations (6) and (7), the re-encrypted data M enc 'is generated by replacing the original data M with a new encryption key k e ' ). ≪ / RTI > That is, the re-encrypted data M enc 'can be decrypted according to the method described in equation (4) using the new decryption key (k d ').

The cloud server 1100 and the re-encrypted data (M enc) is stored without the decoding process in the same manner as above, the user encrypted password Even if you lose your (pw enc) new encrypted password (pw enc ') accordingly So that the original data M can be restored.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments.

Also, although specific terms are used herein, they are used for the purpose of describing the invention only and are not used to limit the scope of the present disclosure as defined in the claims or the claims. Therefore, the scope of the present specification should not be limited to the above-described embodiments, but should be defined by the appended claims and their equivalents.

1000: Cloud system 1100: Cloud server
1200: user device 1300: communication network
1210: participating client 1220: non-participating client
1310: Mobile communication network 1320: Wireless LAN
1110: Processing section 1120: Data storage section
1130:

Claims (16)

1. A cloud server for providing a cloud storage service to a plurality of user devices,
A communication unit for performing communication between the plurality of user equipments and the cloud server;
A data storage unit for storing data received from at least one of the plurality of user devices; And
And a processor for re-encrypting the stored data to generate new data,
The stored data is encrypted data decoded into original data by a first decryption key,
The new data is encrypted data decrypted with the original data by the second decryption key,
The processing unit refers to a re-encryption key different from the first and second decryption keys, and performs the re-encryption without decryption to the original data by the first decryption key.
The method according to claim 1,
Wherein the first decryption key and the second decryption key are different from each other.
3. The method of claim 2,
Wherein decoding of the original data by the first decoding key and decoding of the original data by the second decoding key are performed by the same decoding algorithm.
The method according to claim 1,
Wherein the second decryption key is stored exclusively in the at least one user device.
5. The method of claim 4,
Wherein the stored data is data obtained by encrypting the original data with an encryption key corresponding to the first decryption key.
6. The method of claim 5,
Wherein the encryption key and the other encryption key corresponding to the second decryption key are stored exclusively in the at least one user device.
6. The method of claim 5,
The encryption of the original data by the encryption key is performed by an encryption algorithm represented by the formula M enc = (C, Z) = (M x e (g 1 , k e ) r , g 1 r )
Wherein M enc is the encrypted data, C and Z are two parameters included in the encrypted data, M is the original data, e is e (u a , v b ) = e (u , v) ab , where k e is the encryption key, g 1 is an argument value provided for encryption, and r is a random number.
8. The method of claim 7,
The decoding to the original data by the first decoding key is performed by a decoding algorithm using a function h expressed by the equation h (C, Z) = C / [e (Z, g 2 ) kd ]
K d is the first decryption key, g 2 is a factor value provided for decryption by the first decryption key,
Wherein the C and Z of the encrypted data are respectively assigned to the function h as independent variables in the decoding algorithm.
9. The method of claim 8,
The re-encryption of the stored data is performed by a re-encryption algorithm expressed by the formula M enc '= (A, B) = (C x e (Z, k re ), Z)
Wherein M enc 'is the re-encrypted new data, A and B are two parameters included in the re-encrypted new data, and k re is the re-encryption key.
6. The method of claim 5,
Wherein the at least one user device determines the re-encryption key by referring to the encryption key and the other encryption key, and provides the determined re-encryption key to the cloud server.
The method according to claim 1,
Wherein the at least one user device comprises one or more participating clients or non-participating clients.
A method of re-encrypting data in a cloud server that provides a cloud storage service to a plurality of user devices,
Checking a password lost message from at least one of the plurality of user devices;
Providing a seed key to the at least one user device in accordance with the confirmation result;
Generating a re-encryption key based on the seed key and the new password; And
And re-encrypting the first encrypted data decrypted with the first decryption key with the original data with the second decryption key with the second decrypted key decrypted with the original data with reference to the re-encryption key,
Wherein the re-encrypting step re-encrypts the first encrypted data with the second encrypted data without decryption to the original data by the first decryption key.
13. The method of claim 12,
Wherein the second decryption key is stored exclusively in the at least one user device.
13. The method of claim 12,
Wherein the second encrypted data is stored in the cloud server and is provided to the at least one user device upon request of the at least one user device.
13. The method of claim 12,
Wherein the first decryption key and the second decryption key are different from each other.
16. The method of claim 15,
Wherein the decoding of the original data by the first decryption key and the decryption of the original data by the second decryption key are performed by the same decoding algorithm.
KR20140060366A 2013-09-26 2014-05-20 Cloud server for re-encrypting the encrypted data and re-encrypting method thereof KR20150034591A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR20130114652 2013-09-26
KR1020130114652 2013-09-26

Publications (1)

Publication Number Publication Date
KR20150034591A true KR20150034591A (en) 2015-04-03

Family

ID=53031375

Family Applications (1)

Application Number Title Priority Date Filing Date
KR20140060366A KR20150034591A (en) 2013-09-26 2014-05-20 Cloud server for re-encrypting the encrypted data and re-encrypting method thereof

Country Status (1)

Country Link
KR (1) KR20150034591A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019103360A1 (en) * 2017-11-21 2019-05-31 순천향대학교 산학협력단 Data management method and system based on proxy re-encryption in iot lightweight terminal environment
US20210135853A1 (en) * 2019-10-31 2021-05-06 Samsung Sds Co., Ltd. Apparatus and method for data security

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019103360A1 (en) * 2017-11-21 2019-05-31 순천향대학교 산학협력단 Data management method and system based on proxy re-encryption in iot lightweight terminal environment
US20210135853A1 (en) * 2019-10-31 2021-05-06 Samsung Sds Co., Ltd. Apparatus and method for data security

Similar Documents

Publication Publication Date Title
JP6573600B2 (en) A method performed by at least one server for processing data packets from a first computing device to a second computing device to allow end-to-end encrypted communication
CN103237040B (en) A kind of storage means, server and client side
US20140143541A1 (en) Method and Apparatus for Managing Encrypted Files in Network System
WO2012111713A1 (en) Key management system
KR102325725B1 (en) Digital certificate management method and device
CN103428221A (en) Safety logging method, system and device of mobile application
CN104145444A (en) Method of operating a computing device, computing device and computer program
JP6115573B2 (en) Cryptographic system, data storage system, and apparatus and method used therefor
CN103812927A (en) Storage method
US20180063095A1 (en) Data encipherment prior to recipient selection
CN105007254A (en) Data transmission method and system, and terminal
CN104145446A (en) Method of operating a computing device, computing device and computer program
US20210112039A1 (en) Sharing of encrypted files without decryption
Reshma et al. Pairing-free CP-ABE based cryptography combined with steganography for multimedia applications
JP2019102970A (en) Data sharing server device, key generation server device, communication terminal, and program
US11290277B2 (en) Data processing system
CN103716280A (en) Data transmission method, server and system
Weber A hybrid attribute-based encryption technique supporting expressive policies and dynamic attributes
KR20150034591A (en) Cloud server for re-encrypting the encrypted data and re-encrypting method thereof
KR20170084802A (en) Methdo and system for transmitting secure data in a terminal
KR101812311B1 (en) User terminal and data sharing method of user terminal based on attributed re-encryption
JP2017163326A (en) Encryption system, encryption method, and encryption program
JP5691549B2 (en) Policy management server device, server device, client device, and encryption algorithm switching system having the same
KR20210008100A (en) Central secret key management method for multiple user devices related to a single public key
CN111130796B (en) Secure online cloud storage method in instant messaging

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E601 Decision to refuse application