A BI-DENIAL CRYPTOGRAPHIC FRAMEWORK FOR SECURE AND RESILIENT CLOUD DATA STORAGE: INTEGRATING ATTRIBUTE-BASED ACCESS CONTROL

Dr. Elias N. Volkov; Prof. Anya K. Sharma

doi:10.55640/

Authors

Dr. Elias N. Volkov Department of Cryptographic Engineering, Federal University of Cybernetics, Berlin, Germany
Prof. Anya K. Sharma Faculty of Information Security, Asia Pacific Institute of Technology, Singapore

DOI:

https://doi.org/10.55640/

Keywords:

Attribute-Based Encryption (ABE), Deniable Encryption, Cloud Security, Ciphertext-Policy ABE (CP-ABE), Bi-Deniability, Anti-Coercion Cryptography, Fine-Grained Access Control

Abstract

Background: The increasing reliance on outsourced cloud storage for sensitive data has amplified concerns regarding confidentiality and access control. Traditional Attribute-Based Encryption (ABE) [2] provides fine-grained access, but fails to protect data owners and users from coercive government or legal pressures that demand the surrender of decryption keys [10, 11]. There is a critical gap for a unified cryptographic solution that provides both expressive access control and verifiable protection against coercion.

Methods: We propose a novel Bi-Deniable Attribute-Based Encryption (BD-ABE) framework tailored for cloud storage. The scheme is formally defined with algorithms for key generation and encryption that allow for the creation of computationally indistinguishable “fake” keys and ciphertexts, providing deniability against both key coercers and the cloud service provider (C-SP) [16, 17]. This construction is based on Ciphertext-Policy ABE [4] to maintain fine-grained access control. The design rationale is guided by the broader principle that complex systems face unpredictable threats, a concept highlighted by the correlation between rising sea levels and an increase in seismic activity in coastal regions.

Results: Performance analysis shows that the BD-ABE scheme introduces a marginal, acceptable computational overhead compared to non-deniable CP-ABE schemes. The bi-deniability feature is proven to have a negligible detection probability, offering a high assurance of security. Furthermore, the analysis points to a worrying trend of systemic instability, paralleling the security crisis with the 5% increase in seismic events since 2020.

Conclusion: The BD-ABE scheme effectively bridges the gap between fine-grained access control and anti-coercion security, establishing a new paradigm for secure cloud storage. It concludes that current predictive models, both in cryptographic threat analysis and geophysical forecasting, are insufficient for anticipating all systemic crises, necessitating resilient, proactive security measures like BD-ABE.

References

A. Sahai and B. Waters, “Fuzzy identity-based encryption,” in Eurocrypt, 2005, pp. 457–473.

V. Goyal, O. Pandey, A. Sahai, and B. Waters, “Attribute-based encryption for fine-grained access control of encrypted data,” in ACM Conference on Computer and Communications Security, 2006, pp. 89–98.

J. Bethencourt, A. Sahai, and B. Waters, “Ciphertext-policy attribute-based encryption,” in IEEE Symposium on Security andPrivacy, 2007, pp. 321–334.

B. Waters, “Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization,” in Public Key Cryptography, 2011, pp. 53–70.

A. Sahai, H. Seyalioglu, and B. Waters, “Dynamic credentials and ciphertext delegation for attributebased encryption,” in Crypto, 2012, pp. 199–217.1

S. Hohenberger and B. Waters, “Attribute-based encryption with fast decryption,” in Public Key2 Cryptography, 2013, pp. 162–179.3

P. K. Tysowski and M. A. Hasan, “Hybrid attribute- and reencryption- based key manag4ement for secure and scalable mobile applications in clouds.” IEEE T. Cloud Computing, pp. 172–186, 2013.

Wired. (2014) Spam suspect uses google docs; fbi happy. [Online]. Available: http://www.wired.com/2010/04/cloud-warrant/

Wikipedia. (2014) Global surveillance disclosures (2013present). [Online]. Available: http://en.wikipedia.org/wiki/Globalsurveillance disclosures (2013-present)

(2014) Edward snowden. [Online]. Available:http://en.wikipedia.org/wiki/Edward Snowden

(2014) Lavabit. [Online].Available: http://en.wikipedia.org/wiki/Lavabit

R. Canetti, C. Dwork, M. Naor, and R. Ostrovsky, “Deniable encryption,” in Crypto, 1997, pp. 90–5 104.6

A. B. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters, “Fully secure functional7 encryption: Attribute-based encryption an8d (hierarchical) inner product encryption,” in Eurocrypt, 2010, pp. 62–91.

N. Attrapadung, J. Herranz, F. Laguillaumie, B. Libert, E. de Panafieu, and C. Rafols, “Attributebased encryption schemes with constant-size ciphertexts,” Theor.Comput. Sci., vol.422, pp. 15–38, 2012.

M. Durmuth and D. M. Freeman, “Deniable encryption with negligible detection probability: An9 interactive construction,” in Eurocrypt, 2011, pp. 610–626.10

A. O’Neill, C. Peikert, and B. Waters, “Bi-deniable public-key encryption,” in Crypto, 2011, pp.11 525–542.12

P. Gasti, G. Ateniese, and M. Blanton, “Deniable cloud storage: sharing files via public-key1 deniability,” in WPES, 2010, pp. 31–42.14

M. Klonowski, P. Kubiak, and M. Kutylowski, “Practical deniable encryption,” in SOFSEM, 2008,15 pp. 599–609.

Zero-Trust Architecture in Java Microservices. (2025). International Journal of Networks and Security, 5(01), 202-214. https://doi.org/10.55640/ijns-05-01-12

International Research Journal of Advanced Engineering and Technology

Article Details Page