Secure Electronic Voting with Flexible Ballot Structure

Aditya, Riza

January 2005

Voting is a fundamental decision making instrument in any consensus-based society. It is employed in various applications from student body elections, reality television shows, shareholder meetings, to national elections. With the motivation of better eciency, scalability, speed, and lower cost, voting is currently shifting from paper-based to the use of electronic medium. This is while aiming to achieve better security, such that voting result reflects true opinions of the voters. Our research focuses on the study of cryptographic voting protocols accommodating a flexible ballot structure as a foundation for building a secure electronic voting system with acceptable voting results. In particular, we search for a solution suitable for the preferential voting system employed in the Australian Federal Election. The outcomes of the research include: improvements and applications of batch proof and verication theorems and techniques, a proposed alternative homomorphic encryption based voting scheme, a proposed Extended Binary Mixing Gate (EBMG) mix-network scheme, a new threshold randomisation technique to achieve receipt-freeness property in voting, and the application of cryptographic voting protocol for preferential voting. The threats and corresponding requirements for a secure secret-ballot voting scheme are rst discussed. There are significant security concerns about the conduct of electronic voting, and it is essential that the voting results re ect the true opinions of the voters - especially in political elections. We examine and extend batch processing proofs and verifications theorems and proposed applications of the theorems useful for voting. Many instances of similar operations can be processed in a single instance using a batch technique based on one of the batch theorems. As the proofs and verications provide formal assurances that the voting process is secure, batch processing offers great efficiency improvements while retaining the security required in a real-world implementation of the protocol. The two main approaches in cryptographic voting protocols, homomorphic encryption based voting and mix-network based voting, are both studied in this research. An alternative homomorphic voting scheme using multiplicative homomorphism property, and a number of novel mix-network schemes are proposed. It is shown that compared to the mix-network approach, homomorphic encryption schemes are not scalable for straight-forward adaptation of preferential systems. One important requirement of secret-ballot voting is receipt-freeness. A randomisation technique to achieve receipt-freeness in voting is examined and applied in an ecient and practical voting scheme employing an optimistic mix-network. A more general technique using threshold randomisation is also proposed. Combination of the primitives, both the homomorphic encryption and mixnetwork approach, yields a hybrid approach producing a secure and ecient secret-ballot voting scheme accommodating a exible ballot structure. The resulting solution oers a promising foundation for secure and practical secret-ballot electronic voting accommodating any type of counting system.

Secure Electronic Voting

Cryptographic Voting Protocols

Secret-ballot Voting Scheme

Receipt-free Voting

Australian Federal Election

Preferential Systems

Batch Theorems

Efficient Voting Protocols

Homomorphic Encryption

Mix-network

Hybrid Scheme.

Chiffrement homomorphe et recherche par le contenu sécurisé de données externalisées et mutualisées : Application à l'imagerie médicale et l'aide au diagnostic / Homomorphic encryption and secure content based image retieval over outsourced data : Application to medical imaging and diagnostic assistance

Bellafqira, Reda

19 December 2017

La mutualisation et l'externalisation de données concernent de nombreux domaines y compris celui de la santé. Au-delà de la réduction des coûts de maintenance, l'intérêt est d'améliorer la prise en charge des patients par le déploiement d'outils d'aide au diagnostic fondés sur la réutilisation des données. Dans un tel environnement, la sécurité des données (confidentialité, intégrité et traçabilité) est un enjeu majeur. C'est dans ce contexte que s'inscrivent ces travaux de thèse. Ils concernent en particulier la sécurisation des techniques de recherche d'images par le contenu (CBIR) et de « machine learning » qui sont au c'ur des systèmes d'aide au diagnostic. Ces techniques permettent de trouver des images semblables à une image requête non encore interprétée. L'objectif est de définir des approches capables d'exploiter des données externalisées et sécurisées, et de permettre à un « cloud » de fournir une aide au diagnostic. Plusieurs mécanismes permettent le traitement de données chiffrées, mais la plupart sont dépendants d'interactions entre différentes entités (l'utilisateur, le cloud voire un tiers de confiance) et doivent être combinés judicieusement de manière à ne pas laisser fuir d'information lors d'un traitement.Au cours de ces trois années de thèse, nous nous sommes dans un premier temps intéressés à la sécurisation à l'aide du chiffrement homomorphe, d'un système de CBIR externalisé sous la contrainte d'aucune interaction entre le fournisseur de service et l'utilisateur. Dans un second temps, nous avons développé une approche de « Machine Learning » sécurisée fondée sur le perceptron multicouches, dont la phase d'apprentissage peut être externalisée de manière sûre, l'enjeu étant d'assurer la convergence de cette dernière. L'ensemble des données et des paramètres du modèle sont chiffrés. Du fait que ces systèmes d'aides doivent exploiter des informations issues de plusieurs sources, chacune externalisant ses données chiffrées sous sa propre clef, nous nous sommes intéressés au problème du partage de données chiffrées. Un problème traité par les schémas de « Proxy Re-Encryption » (PRE). Dans ce contexte, nous avons proposé le premier schéma PRE qui permet à la fois le partage et le traitement des données chiffrées. Nous avons également travaillé sur un schéma de tatouage de données chiffrées pour tracer et vérifier l'intégrité des données dans cet environnement partagé. Le message tatoué dans le chiffré est accessible que l'image soit ou non chiffrée et offre plusieurs services de sécurité fondés sur le tatouage. / Cloud computing has emerged as a successful paradigm allowing individuals and companies to store and process large amounts of data without a need to purchase and maintain their own networks and computer systems. In healthcare for example, different initiatives aim at sharing medical images and Personal Health Records (PHR) in between health professionals or hospitals with the help of the cloud. In such an environment, data security (confidentiality, integrity and traceability) is a major issue. In this context that these thesis works, it concerns in particular the securing of Content Based Image Retrieval (CBIR) techniques and machine learning (ML) which are at the heart of diagnostic decision support systems. These techniques make it possible to find similar images to an image not yet interpreted. The goal is to define approaches that can exploit secure externalized data and enable a cloud to provide a diagnostic support. Several mechanisms allow the processing of encrypted data, but most are dependent on interactions between different entities (the user, the cloud or a trusted third party) and must be combined judiciously so as to not leak information. During these three years of thesis, we initially focused on securing an outsourced CBIR system under the constraint of no interaction between the users and the service provider (cloud). In a second step, we have developed a secure machine learning approach based on multilayer perceptron (MLP), whose learning phase can be outsourced in a secure way, the challenge being to ensure the convergence of the MLP. All the data and parameters of the model are encrypted using homomorphic encryption. Because these systems need to use information from multiple sources, each of which outsources its encrypted data under its own key, we are interested in the problem of sharing encrypted data. A problem known by the "Proxy Re-Encryption" (PRE) schemes. In this context, we have proposed the first PRE scheme that allows both the sharing and the processing of encrypted data. We also worked on watermarking scheme over encrypted data in order to trace and verify the integrity of data in this shared environment. The embedded message is accessible whether or not the image is encrypted and provides several services.

Cloud-Computing

Chiffrement homomorphe

Calcul multipartite sécurisé

Recherche par le contenu

Proxy Re-Encryption

Tatouage des images

Apprentissage automatique sécurisé

Homomorphic encryption

Digital watermarking

Cloud-Computing

Secure machine learning

Secure multiparty computation

Content based image retrieval

004

以智能合約實現分散式電子投票與投標系統 / Distributed E-Voting and E-Bidding Systems Based on Smart Contract

蕭人和, Hsiao, Jen-Ho

Unknown Date

區塊鏈有著不可否認性、可追溯性以及共識性等特點，所有的交易內容都會完整的被記錄在區塊鏈上，基於上述幾項特性，我們利用區塊鏈來記錄公開資訊，將私密資料經由分散式秘密共享後再加密存放於智能合約中。其中，智能合約是一個能將交易狀態和交易狀態內嵌於區塊鏈上的應用，透過智能合約作為媒介，我們能夠將加密後的私密資料完整的存放於區塊鏈上，最後經由區塊鏈網路上的節點驗證後，達到資料正確性驗證的目的。 本研究分析現有的電子投票以及電子投標等應用的系統架構後，發現兩者皆存在著可信賴的第三方進行開票及開標的角色，且驗證流程繁瑣，無法提供一個便利性的投票與投標流程。此外，上述兩種應用皆須滿足機密性、不可否認性、匿名性以及可驗證性等安全性質，若能結合區塊鏈與智能合約於上述應用中，將可提升資料的可驗證性以及降低成本的負擔，對參與應用的人而言也能達到公開透明的需求。 因此，本文提出一個分散式架構下的電子投票與投標機制，結合區塊鏈以及智能合約的優點與技術，讓所有參與投票的選民、投標的廠商共同參與驗證與計算，並加強參與者的匿名性、資料傳輸的隱私性、開票與開標階段資料的可信賴性以及可驗證性。 / With the rise of blockchain technology, the core concept of decentralization has gradually drawn attention. In this context, the main objective of this study is to realize more convenient and secure electronic applications with the use of blockchain technology. This research is aimed to design a distributed e-voting and e-bidding system. The core idea is to combine the blockchain technology with secret sharing scheme and homomorphic encryption in order to realize the distributed e-voting and e-bidding application without a trusted third party. The system allows voters to participate in opening phase. It provides a public and transparent process while protecting the anonymity of voter’s and vendor’s identity, the privacy of data transmission and verifiability of data during the opening phase.

區塊鏈

秘密共享

電子投票

同態加密

智能合約

分散式

Blockchain

Secret-sharing

E-voting

Homomorphic

Smart contract

Distributed

Paillier encryption

Sex Chromosome Evolution in Blow Flies

Anne Amarila Andere (9120365)

28 July 2020

<div>Chromosomal mechanisms of sex determination vary greatly in phylogenetically closely related species, indicative of rapid evolutionary rates. Sex chromosome karyotypes are generally conserved within families; however, many species have derived sex chromosome configurations. Insects display a plethora of sex chromosome systems due to rapid diversification caused by changes in evolutionary processes within and between species. A good example of such a system are insects in the blow fly family Calliphoridae. While cytogenetic studies observe that the karyotype in blow flies is highly conserved (five pairs of autosomal chromosomes and one pair sex chromosome), there is variation in sex determining mechanisms and sex chromosome structure within closely related species in blow flies. The evolutionary history of sex chromosomes in blow fly species have not been fully explored. Therefore, the objective of this research was to characterize the sex chromosome structures in four species of blow flies and investigate the selective forces which have played a role in shaping the diverse sex chromosome system observed in blow flies. The blow fly species used in this study are Phormia regina, Lucilia cuprina, Chrysomya rufifacies and Chrysomya albiceps. Phormia regina,and Lucilia cuprina have a heteromorphic sex chromosome system and are amphogenic (females produce both male and female offspring in equal ratio). In contrast, Chrysomya rufifacies and Chrysomya albiceps, have a homomorphic sex chromosome system, are monogenic (females produce unisexual progeny), have two types of females (arrhenogenic females – male producers and thelygenic females – female producers), and sex of the offspring is determined by the maternal genotype. </div><div>To accomplish these tasks, a total of nine male and female individual draft genomes for each of the four species (including three individual draft genomes of Chrysomya rufifacies – male, and the two females) were sequenced and assembled providing genomic data to explore sex chromosome evolution in blow flies. Whole genome analysis was utilized to characterize and identify putative sex chromosomal sequences of the four blow fly species. Genomic evidence confirmed the presence of genetically differentiated sex chromosomes in P. regina and L. cuprina; and genetically undifferentiated sex chromosomes in C. rufifacies and C. albiceps. Furthermore, comparative analysis of the ancestral Dipteran sex chromosome (Muller element F in Drosophila) was determined to be X-linked in P. regina and L. cuprina contributing to sex chromosome differentiation but not sex-linked in C. rufifacies and C. albiceps. Evolutionary pressures are often quantified by the ratio of substitution rates at non-synonymous (dN) and synonymous (dS) sites. Substitution rate ratio analysis (dN/dS) of homologous genes indicated a weaker purifying selection may have contributed to the loss of sex-linked genes in Muller element F genes of the undifferentiated sex chromosome as compared to the differentiated sex chromosome system. Overall, the results presented herein greatly expands our knowledge in sex chromosome evolution within blow flies and will reinforce the study of sex chromosome evolution in other species with diverse sex chromosome systems.</div><div><br></div>

Evolutionary Biology

Bioinformatics

Computational Biology

Phylogeny and Comparative Analysis

Genomics

blow fly

sex chromosome evolution

Homomorphic sex chromosomes

undifferentiated sex chromosomes

Muller element F

Calliphoridae

Chrysomya rufifacies

Fully homomorphic encryption for machine learning / Chiffrement totalement homomorphe pour l'apprentissage automatique

Minelli, Michele

26 October 2018

Le chiffrement totalement homomorphe permet d’effectuer des calculs sur des données chiffrées sans fuite d’information sur celles-ci. Pour résumer, un utilisateur peut chiffrer des données, tandis qu’un serveur, qui n’a pas accès à la clé de déchiffrement, peut appliquer à l’aveugle un algorithme sur ces entrées. Le résultat final est lui aussi chiffré, et il ne peut être lu que par l’utilisateur qui possède la clé secrète. Dans cette thèse, nous présentons des nouvelles techniques et constructions pour le chiffrement totalement homomorphe qui sont motivées par des applications en apprentissage automatique, en portant une attention particulière au problème de l’inférence homomorphe, c’est-à-dire l’évaluation de modèles cognitifs déjà entrainé sur des données chiffrées. Premièrement, nous proposons un nouveau schéma de chiffrement totalement homomorphe adapté à l’évaluation de réseaux de neurones artificiels sur des données chiffrées. Notre schéma atteint une complexité qui est essentiellement indépendante du nombre de couches dans le réseau, alors que l’efficacité des schéma proposés précédemment dépend fortement de la topologie du réseau. Ensuite, nous présentons une nouvelle technique pour préserver la confidentialité du circuit pour le chiffrement totalement homomorphe. Ceci permet de cacher l’algorithme qui a été exécuté sur les données chiffrées, comme nécessaire pour protéger les modèles propriétaires d’apprentissage automatique. Notre mécanisme rajoute un coût supplémentaire très faible pour un niveau de sécurité égal. Ensemble, ces résultats renforcent les fondations du chiffrement totalement homomorphe efficace pour l’apprentissage automatique, et représentent un pas en avant vers l’apprentissage profond pratique préservant la confidentialité. Enfin, nous présentons et implémentons un protocole basé sur le chiffrement totalement homomorphe pour le problème de recherche d’information confidentielle, c’est-à-dire un scénario où un utilisateur envoie une requête à une base de donnée tenue par un serveur sans révéler cette requête. / Fully homomorphic encryption enables computation on encrypted data without leaking any information about the underlying data. In short, a party can encrypt some input data, while another party, that does not have access to the decryption key, can blindly perform some computation on this encrypted input. The final result is also encrypted, and it can be recovered only by the party that possesses the secret key. In this thesis, we present new techniques/designs for FHE that are motivated by applications to machine learning, with a particular attention to the problem of homomorphic inference, i.e., the evaluation of already trained cognitive models on encrypted data. First, we propose a novel FHE scheme that is tailored to evaluating neural networks on encrypted inputs. Our scheme achieves complexity that is essentially independent of the number of layers in the network, whereas the efficiency of previously proposed schemes strongly depends on the topology of the network. Second, we present a new technique for achieving circuit privacy for FHE. This allows us to hide the computation that is performed on the encrypted data, as is necessary to protect proprietary machine learning algorithms. Our mechanism incurs very small computational overhead while keeping the same security parameters. Together, these results strengthen the foundations of efficient FHE for machine learning, and pave the way towards practical privacy-preserving deep learning. Finally, we present and implement a protocol based on homomorphic encryption for the problem of private information retrieval, i.e., the scenario where a party wants to query a database held by another party without revealing the query itself.

Chiffrement totalement homomorphe

Informatique en nuage

Apprentissage automatique

Confidentialité du circuit

Recherche d'information confidentielle

Lattice based cryptography

Fully homomorphic encryption

Cloud computing

Machine learning

Circuit privacy

Private information retrieval

005.8

Secure and Efficient Comparisons between Untrusted Parties

Beck, Martin

11 September 2018

A vast number of online services is based on users contributing their personal information. Examples are manifold, including social networks, electronic commerce, sharing websites, lodging platforms, and genealogy. In all cases user privacy depends on a collective trust upon all involved intermediaries, like service providers, operators, administrators or even help desk staff. A single adversarial party in the whole chain of trust voids user privacy. Even more, the number of intermediaries is ever growing. Thus, user privacy must be preserved at every time and stage, independent of the intrinsic goals any involved party. Furthermore, next to these new services, traditional offline analytic systems are replaced by online services run in large data centers. Centralized processing of electronic medical records, genomic data or other health-related information is anticipated due to advances in medical research, better analytic results based on large amounts of medical information and lowered costs. In these scenarios privacy is of utmost concern due to the large amount of personal information contained within the centralized data. We focus on the challenge of privacy-preserving processing on genomic data, specifically comparing genomic sequences. The problem that arises is how to efficiently compare private sequences of two parties while preserving confidentiality of the compared data. It follows that the privacy of the data owner must be preserved, which means that as little information as possible must be leaked to any party participating in the comparison. Leakage can happen at several points during a comparison. The secured inputs for the comparing party might leak some information about the original input, or the output might leak information about the inputs. In the latter case, results of several comparisons can be combined to infer information about the confidential input of the party under observation. Genomic sequences serve as a use-case, but the proposed solutions are more general and can be applied to the generic field of privacy-preserving comparison of sequences. The solution should be efficient such that performing a comparison yields runtimes linear in the length of the input sequences and thus producing acceptable costs for a typical use-case. To tackle the problem of efficient, privacy-preserving sequence comparisons, we propose a framework consisting of three main parts. a) The basic protocol presents an efficient sequence comparison algorithm, which transforms a sequence into a set representation, allowing to approximate distance measures over input sequences using distance measures over sets. The sets are then represented by an efficient data structure - the Bloom filter -, which allows evaluation of certain set operations without storing the actual elements of the possibly large set. This representation yields low distortion for comparing similar sequences. Operations upon the set representation are carried out using efficient, partially homomorphic cryptographic systems for data confidentiality of the inputs. The output can be adjusted to either return the actual approximated distance or the result of an in-range check of the approximated distance. b) Building upon this efficient basic protocol we introduce the first mechanism to reduce the success of inference attacks by detecting and rejecting similar queries in a privacy-preserving way. This is achieved by generating generalized commitments for inputs. This generalization is done by treating inputs as messages received from a noise channel, upon which error-correction from coding theory is applied. This way similar inputs are defined as inputs having a hamming distance of their generalized inputs below a certain predefined threshold. We present a protocol to perform a zero-knowledge proof to assess if the generalized input is indeed a generalization of the actual input. Furthermore, we generalize a very efficient inference attack on privacy-preserving sequence comparison protocols and use it to evaluate our inference-control mechanism. c) The third part of the framework lightens the computational load of the client taking part in the comparison protocol by presenting a compression mechanism for partially homomorphic cryptographic schemes. It reduces the transmission and storage overhead induced by the semantically secure homomorphic encryption schemes, as well as encryption latency. The compression is achieved by constructing an asymmetric stream cipher such that the generated ciphertext can be converted into a ciphertext of an associated homomorphic encryption scheme without revealing any information about the plaintext. This is the first compression scheme available for partially homomorphic encryption schemes. Compression of ciphertexts of fully homomorphic encryption schemes are several orders of magnitude slower at the conversion from the transmission ciphertext to the homomorphically encrypted ciphertext. Indeed our compression scheme achieves optimal conversion performance. It further allows to generate keystreams offline and thus supports offloading to trusted devices. This way transmission-, storage- and power-efficiency is improved. We give security proofs for all relevant parts of the proposed protocols and algorithms to evaluate their security. A performance evaluation of the core components demonstrates the practicability of our proposed solutions including a theoretical analysis and practical experiments to show the accuracy as well as efficiency of approximations and probabilistic algorithms. Several variations and configurations to detect similar inputs are studied during an in-depth discussion of the inference-control mechanism. A human mitochondrial genome database is used for the practical evaluation to compare genomic sequences and detect similar inputs as described by the use-case. In summary we show that it is indeed possible to construct an efficient and privacy-preserving (genomic) sequences comparison, while being able to control the amount of information that leaves the comparison. To the best of our knowledge we also contribute to the field by proposing the first efficient privacy-preserving inference detection and control mechanism, as well as the first ciphertext compression system for partially homomorphic cryptographic systems.

info:eu-repo/classification/ddc/004

ddc:004

Sécurité assistée par ordinateur pour les primitives cryptgraphiques, les protocoles de vote électronique et les réseaux de capteurs sans fil.

Lafourcade, Pascal

06 November 2012

La sécurité est une des préoccupations principales de l'informatique moderne. De plus en plus de personnes utilisent un ordinateur pour des opérations sensibles comme pour des transferts bancaires, des achats sur internet, le payement des impôts ou même pour voter. La plupart de ces utilisateurs ne savent pas comment la sécurité est assurée, par conséquence ils font totalement confiance à leurs applications. Souvent ces applications utilisent des protocoles cryptographiques qui sont sujet à erreur, comme le montre la célèbre faille de sécurité découverte sur le protocole de Needham-Schroeder dix-sept ans après sa publication. Ces erreurs proviennent de plusieurs aspects : -- Les preuves de primitives cryptographiques peuvent contenir des erreurs. -- Les propriétés de sécurité ne sont pas bien spécifiées, par conséquence, il n'est pas facile d'en faire la preuve. -- Les hypothèses faites sur le modèle de l'intrus sont trop restrictives. Dans cette habilitation, nous présentons des méthodes formelles pour vérifier la sécurité selon ces trois aspects. Tout d'abord, nous construisons des logiques de Hoare afin de prouver la sécurité de primitives cryptographiques comme les chiffrements à clef publique, les modes de chiffrement asymétriques et les codes d'authentification de message ( Message authentication codes, MACs). Nous étudions aussi les protocoles de votes électroniques et les réseaux de capteus sans fil ( Wireless Sensor Networks, WSNs ). Dans ces deux domaines, nous analysons les propriétés de sécurité afin de les modéliser formellement. Ensuite nous développons des techniques appropriées afin de les vérifier.

Formal verification

computational model

symbolic model

concrete security

public encryption scheme

encryption modes

MAC

homomorphic encryption

privacy

electronic voting protocol

wireless sensor networks

neigbourhood discovery

indpendent intruders

routing algorithms

resilience

Potlačení strukturního šumu typu spekle / Speckle noise suppression

Kuchař, Otakar

January 2018

Master thesis deals with the study of ultrasound. The first part of this work is devoted to basic physical principles, imaging modes, ultrasound probes, biological effects and the last part is associated with the artifact associated with ultrasound waves. In the next part the specific noise called speckle noise is detaily discussed. The description includes both a mathematical and a statistical view. Several methods are described to eliminate this noise. In the practical part the described methods are realized and compared based on objective and subjective evaluation.

Cloud data storage security based on cryptographic mechanisms / La sécurité des données stockées dans un environnement cloud, basée sur des mécanismes cryptographiques

Kaaniche, Nesrine

15 December 2014

Au cours de la dernière décennie, avec la standardisation d’Internet, le développement des réseaux à haut débit, le paiement à l’usage et la quête sociétale de la mobilité, le monde informatique a vu se populariser un nouveau paradigme, le Cloud. Le recours au cloud est de plus en plus remarquable compte tenu de plusieurs facteurs, notamment ses architectures rentables, prenant en charge la transmission, le stockage et le calcul intensif de données. Cependant, ces services de stockage prometteurs soulèvent la question de la protection des données et de la conformité aux réglementations, considérablement due à la perte de maîtrise et de gouvernance. Cette dissertation vise à surmonter ce dilemme, tout en tenant compte de deux préoccupations de sécurité des données, à savoir la confidentialité des données et l’intégrité des données. En premier lieu, nous nous concentrons sur la confidentialité des données, un enjeu assez considérable étant donné le partage de données flexible au sein d’un groupe dynamique d’utilisateurs. Cet enjeu exige, par conséquence, un partage efficace des clés entre les membres du groupe. Pour répondre à cette préoccupation, nous avons, d’une part, proposé une nouvelle méthode reposant sur l’utilisation de la cryptographie basée sur l’identité (IBC), où chaque client agit comme une entité génératrice de clés privées. Ainsi, il génère ses propres éléments publics et s’en sert pour le calcul de sa clé privée correspondante. Grâce aux propriétés d’IBC, cette contribution a démontré sa résistance face aux accès non autorisés aux données au cours du processus de partage, tout en tenant compte de deux modèles de sécurité, à savoir un serveur de stockage honnête mais curieux et un utilisateur malveillant. D’autre part, nous définissons CloudaSec, une solution à base de clé publique, qui propose la séparation de la gestion des clés et les techniques de chiffrement, sur deux couches. En effet, CloudaSec permet un déploiement flexible d’un scénario de partage de données ainsi que des garanties de sécurité solides pour les données externalisées sur les serveurs du cloud. Les résultats expérimentaux, sous OpenStack Swift, ont prouvé l’efficacité de CloudaSec, en tenant compte de l’impact des opérations cryptographiques sur le terminal du client. En deuxième lieu, nous abordons la problématique de la preuve de possession de données (PDP). En fait, le client du cloud doit avoir un moyen efficace lui permettant d’effectuer des vérifications périodiques d’intégrité à distance, sans garder les données localement. La preuve de possession se base sur trois aspects : le niveau de sécurité, la vérification publique, et les performances. Cet enjeu est amplifié par des contraintes de stockage et de calcul du terminal client et de la taille des données externalisées. Afin de satisfaire à cette exigence de sécurité, nous définissons d’abord un nouveau protocole PDP, sans apport de connaissance, qui fournit des garanties déterministes de vérification d’intégrité, en s’appuyant sur l’unicité de la division euclidienne. Ces garanties sont considérées comme intéressantes par rapport à plusieurs schémas proposés, présentant des approches probabilistes. Ensuite, nous proposons SHoPS, un protocole de preuve de possession de données capable de traiter les trois relations d’ensembles homomorphiques. SHoPS permet ainsi au client non seulement d’obtenir une preuve de la possession du serveur distant, mais aussi de vérifier que le fichier, en question, est bien réparti sur plusieurs périphériques de stockage permettant d’atteindre un certain niveau de la tolérance aux pannes. En effet, nous présentons l’ensemble des propriétés homomorphiques, qui étend la malléabilité du procédé aux propriétés d’union, intersection et inclusion / Recent technological advances have given rise to the popularity and success of cloud. This new paradigm is gaining an expanding interest, since it provides cost efficient architectures that support the transmission, storage, and intensive computing of data. However, these promising storage services bring many challenging design issues, considerably due to the loss of data control. These challenges, namely data confidentiality and data integrity, have significant influence on the security and performances of the cloud system. This thesis aims at overcoming this trade-off, while considering two data security concerns. On one hand, we focus on data confidentiality preservation which becomes more complex with flexible data sharing among a dynamic group of users. It requires the secrecy of outsourced data and an efficient sharing of decrypting keys between different authorized users. For this purpose, we, first, proposed a new method relying on the use of ID-Based Cryptography (IBC), where each client acts as a Private Key Generator (PKG). That is, he generates his own public elements and derives his corresponding private key using a secret. Thanks to IBC properties, this contribution is shown to support data privacy and confidentiality, and to be resistant to unauthorized access to data during the sharing process, while considering two realistic threat models, namely an honest but curious server and a malicious user adversary. Second, we define CloudaSec, a public key based solution, which proposes the separation of subscription-based key management and confidentiality-oriented asymmetric encryption policies. That is, CloudaSec enables flexible and scalable deployment of the solution as well as strong security guarantees for outsourced data in cloud servers. Experimental results, under OpenStack Swift, have proven the efficiency of CloudaSec in scalable data sharing, while considering the impact of the cryptographic operations at the client side. On the other hand, we address the Proof of Data Possession (PDP) concern. In fact, the cloud customer should have an efficient way to perform periodical remote integrity verifications, without keeping the data locally, following three substantial aspects : security level, public verifiability, and performance. This concern is magnified by the client’s constrained storage and computation capabilities and the large size of outsourced data. In order to fulfill this security requirement, we first define a new zero-knowledge PDP proto- col that provides deterministic integrity verification guarantees, relying on the uniqueness of the Euclidean Division. These guarantees are considered as interesting, compared to several proposed schemes, presenting probabilistic approaches. Then, we propose SHoPS, a Set-Homomorphic Proof of Data Possession scheme, supporting the 3 levels of data verification. SHoPS enables the cloud client not only to obtain a proof of possession from the remote server, but also to verify that a given data file is distributed across multiple storage devices to achieve a certain desired level of fault tolerance. Indeed, we present the set homomorphism property, which extends malleability to set operations properties, such as union, intersection and inclusion. SHoPS presents high security level and low processing complexity. For instance, SHoPS saves energy within the cloud provider by distributing the computation over multiple nodes. Each node provides proofs of local data block sets. This is to make applicable, a resulting proof over sets of data blocks, satisfying several needs, such as, proofs aggregation

Stockage des données dans le cloud

Confidentialité des données

Intégrité des données

Preuve de possession de données

Sécurité des données dans le cloud

Cryptographie basée sur l'identité

Cryptographie homomorphique

Preuve sans apport de connaissance

Cloud data storage

Data confidentiality

Data integrity

Proof of data possession

Cloud data security

Identity based cryptography

Homomorphic cryptography

Zero-knowledge proofs