Showing total 79 results

1. Privacy-Preserving Confidential Reporting System With Designated Reporters.

Author

Han, Jinguang, Susilo, Willy, Chen, Liquan, Lai, Jianchang, and Wu, Ge

Subjects

*DATA encryption, *DATA privacy, *DATA security, *CRYPTOSYSTEMS, *CLOUD computing

Abstract

A confidential reporting system (CRS) allows reporters to report concerns or problems in confidence without the fear of blame or reprisals. Nevertheless, privacy has been the primary concern of reporters. In this paper, we propose a privacy-preserving confidential reporting system with designated reporters (PPCRS-DR) to protect the privacy of reporters and the confidentiality of reports. Our PPCRS-DR provides the following interesting features: (1) for an event, an auditor can designate a reporter to report; (2) an auditor can neither see the report nor know the reporter's identity from an encrypted report if the reporter is not the designated one; (3) when an auditor is unavailable, he/she can temporarily designate a delegatee to collect and review reports on behalf of him/her. We formalize both the definition and security model of our PPCRS-DR, and propose a concrete construction. Furthermore, the security of the proposed PPCRS-DR is formally proven. The implementation shows that it is efficient. The novelty is to implement flexible decryption delegation of CRSs and protect reporters' privacy. [ABSTRACT FROM AUTHOR]

Published

2024

2. Optimal Symmetric Ratcheting for Secure Communication.

Author

Yan, Hailun, Vaudenay, Serge, Collins, Daniel, and Caforio, Andrea

Subjects

*ADVANCED Encryption Standard, *INSTANT messaging, *DATA encryption, *ENCRYPTION protocols

Abstract

To mitigate state exposure threats to long-lived instant messaging sessions, ratcheting was introduced, which is used in practice in protocols like Signal. However, existing ratcheting protocols generally come with a high cost. Recently, Caforio et al. proposed pragmatic constructions, which compose a weakly secure 'light' protocol and a strongly secure 'heavy' protocol, in order to achieve so-called ratcheting on-demand. The light protocol they proposed has still a high complexity. In this paper, we propose the lightest possible protocol we could imagine, which essentially encrypts and then hashes the secret key. We prove it secure in the standard model by introducing a new security notion, which relates symmetric encryption with key updates by hashing. Our protocol composes well with the generic transformation techniques by Caforio et al. to offer high security and performance at the same time. In a second step, we propose another protocol based on a newly defined integrated primitive, extending standard one-time authenticated encryption with an additional output block used as a secret key for the next message. We instantiate this primitive firstly from any authenticated encryption with associated data, and then we propose an efficient instantiation using advanced encryption standard (AES) encryption to update the key and AES-Galois/Counter mode of operation to encrypt and decrypt messages. [ABSTRACT FROM AUTHOR]

Published

2023

3. Guess-and-Determine Attacks on AEGIS.

Author

Jiao, Lin, Li, Yongqiang, and Du, Shaoyu

Subjects

*BOOLEAN functions, *DATA encryption, *COLUMNS

Abstract

AEGIS is one of the authenticated encryption with associated data designs selected for the final portfolio of the CAESAR competition. It combines the AES round function and simple Boolean operations to update its large state and extract a keystream to achieve an excellent software performance. The AEGIS family consists of AEGIS-128, AEGIS-256 and AEGIS-128L, which use 5, 6 and 8 parallel AES round functions to process 128, 128 and 256 bits message block per step with slightly different output functions separately. Surprisingly, very few cryptanalytic results on AEGIS have been published so far. This paper presents the first guess-and-determine attacks on AEGIS family. Firstly, we propose a new observation on the structure of AEGIS that the relations of fixed variables remain in the outputs at consecutive steps under some conditions on the AND operations, and the vectorial bitwise AND operation is biased, which is able to derive the additional variables added directly. Secondly, we add several techniques, such as divide and conquer on byte-based columns, reduction by meet in the middle and simplification through constraints on variables, for each AEGIS member. Finally, we conduct guess-and-determine attacks on AEGIS-128, AEGIS-256 and AEGIS-128L and result in a complexity of |$2^{309}$|⁠ , |$2^{437}$| and |$2^{384}$| to |$2^{416}$|⁠ , respectively. Although neither attack threatens the practical security of AEGIS, it has great significance to evaluate the resistance of such structure compared with their large internal state exploited of 640, 768 and 1024 bits. It is also the first internal state recovery attack on AEGIS without nonce reusing, while only distinguishing attacks on AEGIS exist up to now. [ABSTRACT FROM AUTHOR]

Published

2022

4. Secure and Differentiated Fog-Assisted Data Access for Internet of Things.

Author

Yu, Ping, Ni, Wei, Zhang, Hua, Liu, Ren Ping, Wen, Qiaoyan, Li, Wenmin, and Gao, Fei

Subjects

*INTERNET access, *INTERNET of things, *DATA encryption, *PARALLEL programming, *TRUST, *FOG

Abstract

The ability of Fog computing to admit and process huge volumes of heterogeneous data is the catalyst for the fast expansion of Internet of things (IoT). The critical challenge is secure and differentiated access to the data, given limited computation capability and trustworthiness in typical IoT devices and Fog servers, respectively. This paper designs and develops a new approach for secure, efficient and differentiated data access. Secret sharing is decoupled to allow the Fog servers to assist the IoT devices with attribute-based encryption of data while preventing the Fog servers from tampering with the data and the access structure. The proposed encryption supports direct revocation and can be decoupled among multiple Fog servers for acceleration. Based on the decisional |$q$| -parallel bilinear Diffie–Hellman exponent assumption, we propose a new extended |$q$| -parallel bilinear Diffie–Hellman exponent (E |$q$| -PBDHE) assumption and prove that the proposed approach provides 'indistinguishably chosen-plaintext attacks secure' data access for legitimate data subscribers. As numerically and experimentally verified, the proposed approach is able to reduce the encryption time by 20% at the IoT devices and by 50% at the Fog network using parallel computing as compared to the state of the art. [ABSTRACT FROM AUTHOR]

Published

2022

5. Authorized Function Homomorphic Signature.

Author

Guo, Qingwen, Huang, Qiong, and Yang, Guomin

Subjects

*DIGITAL signatures, *DATA encryption, *ELECTRONIC authentication, *COMPUTER security, *CRYPTOGRAPHY

Abstract

Homomorphic signature (HS) is a novel primitive that allows an agency to carry out arbitrary (polynomial time) computation f on the signed data m → and accordingly gain a signature σ h for the computation result f (m →) with respect to f on behalf of the data owner (DO). However, since DO lacks control of the agency's behavior, receivers would believe that DO did authenticate the computation result even if the agency misbehaves and applies a function that the DO does not want. To address the problem above, in this paper we introduce a new primitive called authorized function homomorphic signature (AFHS). In AFHS, the agency has to obtain a confidence key sk f from DO in order to evaluate a function f on the data m → and to obtain a signature with which one can check whether the agency acts in accordance with DO's instructions. A black-box construction of AFHS based on HS is given in this paper, and we show that if the underlying primitives are secure, so is our construction under the given security model. Moreover, we provide a somewhat concrete construction that offers stronger security guarantee. [ABSTRACT FROM AUTHOR]

Published

2018

6. A New Framework of IND-CCA Secure Public Key Encryption with Keyword Search.

Author

Ma, Sha and Huang, Qiong

Subjects

*PUBLIC key cryptography, *KEYWORD searching, *RSA algorithm, *DATA encryption, *MAP projection

Abstract

In the era of cloud computing, public key encryption with keyword search (PEKS) is an extremely useful cryptographic tool for searching on encryption data, whose strongest security notion is indistinguishability encryption against chosen ciphertext attack (ind-cca). Adballa et al. presented a transformation from identity based encryption (IBE) to PEKS in the Theory of Cryptography Conference 2010. This paper proposes a new framework of ind-cca secure PEKS in the standard model. Our main technical tool is a newly introduced notion of smooth projective hash function with key mapping, in which the hash key hk is mapped into another mapping projection key mhp besides the classical projection key hp. Finally, we provide an instantiation of our framework based on symmetric eXternal Diffie–Hellman assumption. [ABSTRACT FROM AUTHOR]

Published

2020

7. Novel Smooth Hash Proof Systems Based on Lattices.

Author

Lai, Qiqi, Yang, Bo, Yu, Yong, Chen, Yuan, and Bai, Jian

Subjects

*CRYPTOGRAPHY, *ARTIFICIAL intelligence, *DATA encryption, *DATA security, *CLOUD computing

Abstract

As a basic and important primitive, hash proof system can be used to construct many cryptographic schemes and protocols. Therefore, it is significant to instantiate more efficient hash proof systems from various assumptions. Although there are many hash proof systems based on various classical assumptions, only a handful of efficient hash proof systems are known based on post-quantum assumptions. In this paper, we present several new hash proof systems based on the standard learning with errors (LWE) problem, which is at least as hard as standard worst-case lattice problems. Comparing with other existing constructions based on lattices, our main advantages are 2-fold: much simpler and more efficient. And our constructions can be easily extended to be identity-based ones and updatable ones. Throughout the paper, our main idea is to base hash proof systems on a new subset indistinguishability problem related to LWE, and employ the property of smooth parameter of q-ary orthogonal lattices to ensure smoothness. [ABSTRACT FROM AUTHOR]

Published

2018

8. Intrusion Detection Over Encrypted Network Data.

Author

Karaçay, Leyli, Savaş, Erkay, and Alptekin, Halit

Subjects

*DATA encryption, *OUTLIER detection, *DATA analysis, *MACHINE learning, *VIRTUAL private networks, *SYSTEM analysis, *DATA modeling, *END-to-end delay

Abstract

Effective protection against cyber-attacks requires constant monitoring and analysis of system data in an IT infrastructure, such as log files and network packets, which may contain private and sensitive information. Security operation centers (SOC), which are established to detect, analyze and respond to cyber-security incidents, often utilize detection models either for known types of attacks or for anomaly and applies them to the system data for detection. SOC are also motivated to keep their models private to capitalize on the models that are their propriety expertise, and to protect their detection strategies against adversarial machine learning. In this paper, we develop a protocol for privately evaluating detection models on the system data, in which privacy of both the system data and detection models is protected and information leakage is either prevented altogether or quantifiably decreased. Our main approach is to provide an end-to-end encryption for the system data and detection models utilizing lattice-based cryptography that allows homomorphic operations over ciphertext. We employ recent data sets in our experiments which demonstrate that the proposed privacy-preserving intrusion detection system is feasible in terms of execution times and bandwidth requirements and reliable in terms of accuracy. [ABSTRACT FROM AUTHOR]

Published

2020

9. Cryptanalysis of a Compact Anonymous HIBE with Constant Size Private Keys.

Author

Lin, Xi-Jun, Sun, Lin, Qu, Haipeng, and Xian, He-Qun

Subjects

*SIZE, *CRYPTOGRAPHY, *DATA encryption, *CRYPTOSYSTEMS, *ANONYMITY, *EXPONENTS

Abstract

Recently, Zhang et al. proposed a new anonymous hierarchical identity-based encryption (anonymous HIBE) over prime order groups to achieve both constant size private key and constant size ciphertext. Moreover, a double exponent technique was used to provide anonymity. They proved that their scheme is secure and anonymous against chosen plaintext attacks in the standard model. In this paper, we point out that their scheme is insecure. [ABSTRACT FROM AUTHOR]

Published

2019

10. Editorial: On the Security of the First Leakage-Free Certificateless Signcryption Scheme.

Author

XI-JUN LIN, LIN SUN, HAIPENG QU, and XIAOSHUAI ZHANG

Subjects

*COMPUTER security standards, *PRINTED ephemera, *DATA encryption, *INFORMATION-theoretic security, *DATA caps (Internet)

Abstract

Recently, Islam and Li proposed the first certificateless signcryption scheme without ephemeral secret leakage (ESL) attack, called leakage-free certificateless signcryption (leakage-free CLSC) scheme. However, we point out in this paper that the confidentiality property is not captured in their proposal. Moreover, our attack adheres to the security model proposed in the original paper. On the other hand, the security models proposed by Islam and Li are insufficient. In fact, the ESL attack is not involved in the security models since the ephemeral secret is not returned to the adversary when CLSC-Signcryption query and Challenge are issued. Finally, we give the amended security models. [ABSTRACT FROM AUTHOR]

Published

2017

11. Almost-Tight Identity Based Encryption Against Selective Opening Attack.

Author

JUNQING GONG, XIAOLEI DONG, ZHENFU CAO, and JIE CHEN

Subjects

*FUNCTIONAL identities, *IDENTITY management systems, *INFORMATION technology security, *DATA encryption, *COMPUTER security

Abstract

The paper presents an identity based encryption (IBE) under selective opening attacks (SOA) whose security is almost-tightly related to a set of computational assumptions in composite-order bilinear groups. Our result is a combination of Bellare, Waters and Yilek's method [TCC, 2011] for constructing (not tightly) SOA secure IBE and Hofheinz, Koch and Striecks' technique [PKC, 2015] on building almost-tightly secure IBE in the multi-ciphertext setting. In the paper, we first tune Bellare et al.'s generic construction for SOA secure IBE to show that a one-bit IBE achieving ciphertext indistinguishability under chosen plaintext attack in the multi-ciphertext setting (with one-sided public openability) tightly implies a multi-bit IBE secure under the selective opening attack. Next, we almost tightly reduce such a one-bit IBE to static assumptions in the composite-order bilinear groups employing the technique of Hofheinz et al. This yields the first SOA secure IBE with almost-tight reduction. [ABSTRACT FROM AUTHOR]

Published

2016

12. Non-transferable Proxy Re-encryption.

Author

Guo, Hui, Zhang, Zhenfeng, Xu, Jing, and An, Ningyu

Subjects

*DATA encryption, *DATA security, *PROXY servers, *COMPUTER access control, *CIPHERS

Abstract

The traditional security notion of proxy re-encryption (PRE) focuses on preventing the proxy learning anything about the encrypted messages. However, such a basic security requirement is clearly not enough for scenarios where the proxy can collude with Bob. A desirable security goal is, therefore, to prevent a malicious proxy colluding with Bob to re-delegate Alice's decryption right. In 2005, Ateniese et al. first proposed this intriguing problem called non-transferability, in the sense that the only way for Bob to transfer Alice's decryption capability is to expose his own secret key. However, no solutions have achieved this property. In this paper, we positively resolve this open problem. In particular, we give the first construction of non-transferable PRE where the attacker is allowed to obtain one pair of keys consisting of Bob's secret key and the corresponding re-encryption key. Using indistinguishability obfuscation and k -unforgeable authentication as main tools, our scheme is provably secure in the standard model. The essential idea behind our approach is to allow Bob's secret key to be evoked in the process of decrypting Alice's ciphertext while hiding the fact that only Bob could decrypt it by the obfuscated program. In addition, we also show a negative result: a CPA secure PRE scheme with 'error-freeness' property cannot be non-transferable. [ABSTRACT FROM AUTHOR]

Published

2019

13. Leakage Resilient CCA Security in Stronger Model: Branch Hidden ABO-LTFs and Their Applications.

Author

Zhao, Yi, Yu, Yong, and Yang, Bo

Subjects

*CIPHERS, *PUBLIC key cryptography, *DATA security failures, *DATA encryption, *COMPUTER security

Abstract

Lossy trapdoor functions (LTFs) have already found various applications in cryptography with many priorities. But constructing leakage resilient (LR) CCA secure PKE schemes through this way received less attention. Existing works could only be proven secure in a weakened model due to the power of leakage attack. To address this problem, we introduce a new variant of ABO-LTF which is called branch hidden ABO-LTF (BHABO-LTF) in this paper. This primitive provides protection for the information of evaluated branches rather than lossy branches, which means even an adversary knows the information of the set of lossy branches, it can still not determine whether the output is evaluated on an injective or a lossy branch as long as the inversion key is kept secret. We observe that if this primitive has Chameleon property, we could present a generic construction of CCA secure PKE schemes. Due to the transparency of lossy branches of the primitive, we find that our construction can naturally be extended to accommodate leakage resilience. We give a generic construction with a realization of LR-BHABO-LTFs under the decisional composite residuosity assumption. This construction can be proved secure in a well-accepted security model rather than existing LTF-based ones in weak key-leakage model. Besides, without the need to hide the information of lossy branches, a Chameleon BHABO-LTF can be constructed by additively homomorphic CPA secure PKE alone. So our work can also be viewed as an interesting progress to give a construction of CCA secure PKE from additively homomorphic CPA secure PKE with certain properties as well as their LR counterparts, which has been a longstanding problem. [ABSTRACT FROM AUTHOR]

Published

2019

14. Privacy-Preserving Aggregation of Time-Series Data with Public Verifiability from Simple Assumptions and Its Implementations.

Author

Emura, Keita, Kimura, Hayato, Ohigashi, Toshihiro, and Suzuki, Tatsuya

Subjects

*DATA encryption, *AGGREGATION (Statistics), *TIME series analysis, *PRIVACY, *DATA analysis

Abstract

Aggregator oblivious encryption was proposed by Shi et al. (NDSS 2011). In this method, an aggregator can compute an aggregated sum of data and is unable to learn anything else (aggregator obliviousness). Since the aggregator does not learn individual data that may reveal users' habits and behaviors, several applications including privacy-preserving smart metering have been considered. In this paper, we propose an aggregator oblivious encryption scheme with public verifiability where the aggregator is required to generate a proof of an aggregated sum, and anyone can verify whether the aggregated sum has been correctly computed by the aggregator. Although Leontiadis et al. (CANS 2015) considered verifiability, their scheme requires an interactive complexity assumption to provide the unforgeability of the proof. Our scheme is proven to be unforgeable under a static and simple assumption (a variant of the Computational Diffie–Hellman assumption). Moreover, our scheme inherits the tightness of the reduction of the Benhamouda et al. scheme (ACM TISSEC 2016) for proving aggregator obliviousness. This tight reduction allows us to employ elliptic curves of a smaller order and leads to efficient implementation. Specifically, for 112-bit security, we can employ Barreto–Naehrig (BN) curves with a 383-bit prime order, whereas we need to employ curves with a 1031-bit prime order to implement the Leontiadis et al. scheme. We give implementations of two schemes and evaluate their performances under those curves. We employ a Raspberry-Pi as a power-constrained device such as a smart meter. Consequently, we demonstrate that the running time of the data encryption, data aggregation and verification in our scheme are reduced by approximately 74%, 64% and 89%, respectively, compared to those of the Leontiadis et al. scheme. [ABSTRACT FROM AUTHOR]

Published

2019

15. Order-Hiding Range Query over Encrypted Data without Search Pattern Leakage.

Author

Dou, Yi, Chan, Henry C B, and Au, Man Ho

Subjects

*COMPUTER security, *DATA encryption, *COMPUTER network security, *ACCESS control, *DATABASE management

Abstract

For cloud data storage, data privacy and security are two key concerns. Although sensitive data can be encrypted before they are stored in the cloud, the encrypted data can hardly be processed efficiently. Hence, a lightweight solution is required to satisfy both high security and high efficiency requirements. In this paper, we study the problem of range query over encrypted data. The main idea is to transform the range comparison to a privacy-preserving set intersection operation. To protect record privacy, our scheme builds searchable encrypted indexes for records that are secure against inference attack. To ensure the privacy of range queries, non-deterministic encryption, which has not been achieved in range query before, is proposed to hide the search pattern of queries. During range comparison, our scheme neither leaks the order relationship between the upper/lower bound of a range query and the encrypted index, nor produces false positives in the query results. We have implemented our scheme and evaluated its performance in comparison with other schemes. The comparison results indicate that our scheme has a shorter index size and search time than the order-revealing encryption (ORE) scheme when the processing unit is large. Meanwhile, our scheme only leaks the access pattern, and is proved to be more secure than existing schemes. [ABSTRACT FROM AUTHOR]

Published

2018

16. Tightly Secure Encryption Schemes against Related-Key Attacks.

Author

Han, Shuai, Liu, Shengli, Lyu, Lin, and Gu, Dawu

Subjects

*COMPUTER security, *DATA encryption, *CRYPTOGRAPHY, *SECURITY management, *ACCESS to information

Abstract

ℱ -Related-Key Attacks (RKAs) allow an adversary to tamper the key k stored in a cryptographic device by specifying related-key deriving (RKD) functions f in ℱ and subsequently learn the outcome of the device under related keys f (k) ⁠. In this paper, we present RKA secure public-key encryption (PKE) and symmetric encryption (SE) schemes admitting a tight security reduction to the standard s -Linear assumption. The security loss depends only on the security parameter and is independent of the number of tampering queries made by the adversary. Our encryption schemes are resilient to RKAs w.r.t. the set of restricted affine functions ℱ raff ⁠, of which the set of linear functions ℱ lin is a subset. In particular, • Our encryption schemes serve as the first ones possessing tight RKA security for a non-trivial RKD function class ℱ under standard assumptions. • Moreover, our encryption schemes enjoy tight super-strong RKA securities, which are the strongest ones among the existing RKA security notions. [ABSTRACT FROM AUTHOR]

Published

2018

17. Structural Key Recovery of Simple Matrix Encryption Scheme Family.

Author

Liu, Jinhui, Yu, Yong, Yang, Bo, Jia, Jianwei, Wang, Shijia, and Wang, Houzhen

Subjects

*COMPUTER security, *DATA encryption, *COMPUTER network security, *COMPUTATIONAL complexity, *ELECTRONIC data processing, *MACHINE theory, *CRYPTOGRAPHY

Abstract

Advances in quantum computers threaten the security of public-key cryptosystems whose security is based on the hardness of factoring or on the discrete logarithm problem. Multivariate encryption schemes are promising alternatives to traditional cryptosystems. Tao et al. proposed a new Multivariate Public-Key Cryptosystem for encryption called simple matrix encryption scheme (ABC for short). Further, they proposed an improved simple matrix encryption schemes and a cubic simple matrix encryption scheme. In this paper, we show that the three schemes are vulnerable to a structural key recovery attack by tensor and vectorization notation and associated algebraic re-writing rules. We derive a set of linear equations from the public key whose solution yields an equivalent key pair that hide the central map. The proposed cryptanalysis approaches require polynomial computational complexity to achieve some equivalent keys from associated public keys. In addition, we provide an example to illustrate feasibility of proposed analysis method. [ABSTRACT FROM AUTHOR]

Published

2018

18. Meet-in-the-Middle Attacks on Reduced-Round QARMA-64/128.

Author

Li, Rongjia and Jin, Chenhui

Subjects

*CRYPTOGRAPHY, *BLOCK ciphers, *MATHEMATICAL sequences, *COMPLEXITY (Philosophy), *DATA encryption

Abstract

QARMA is a new family of lightweight tweakable block ciphers which is used in the Pointer Authentication of ARMv8.3-A. In this paper, we apply meet-in-the-middle attack to QARMA-64 and QARMA-128 including the outer whitening keys. First, we observe that a linear relation exists between four cells out of the eight input/output cells in the MixColumns operation. Then, the idea of canceling the state difference with the tweak difference is used to make one blank round. Finally, we construct meet-in-the-middle distinguishers on 5-round QARMA-128 and QARMA-64, respectively. Therefore, the attack on QARMA4-128 is obtained by appending three rounds on the top of the distinguisher and two round on the bottom. Similarly, the attack on QARMA3-64 is obtained. Besides, this attack can be extended to attack on 9-round QARMA-64 without increasing the overall complexity. To the best of our knowledge, these are the first attacks on QARMA block ciphers including the outer whitening keys. [ABSTRACT FROM AUTHOR]

Published

2018

19. A New Software Birthmark based on Weight Sequences of Dynamic Control Flow Graph for Plagiarism Detection.

Author

Yuan, Baoguo, Wang, Junfeng, Fang, Zhiyang, and Qi, Li

Subjects

*PLAGIARISM prevention, *COMPUTER software quality control, *FLOWGRAPHS, *DATA encryption, *N-gram models (Computational linguistics)

Abstract

With the large-scale development of open source software, software plagiarism has become a serious threat to software industry and intellectual property. As the latest technique of plagiarism detection, dynamic software birthmark has attracted much attention in recent years. Most of the existing dynamic birthmarks focus on how to resist obfuscation techniques such as compiler optimizations and strong obfuscations implemented in tools. However, they pay little attention to packers, especially encryption packer which is commonly used in software protection as well as plagiarism. When used to encrypt software, the decryption code is added to the binary. It is hard to distinguish the original parts of software from the decryption parts using traditional dynamic birthmarks. In this paper, we propose a new dynamic software birthmark called weight sequences birthmark (WSB) which is based on weight sequences of dynamic control flow graph (DCFG). The weight sequences are used as characteristics, which make full use of the different patterns of dynamic basic block replications between the original code and the decryption code. Compared with the-state-of-art dynamic key instruction sequence birthmark (DKISB), the new birthmark can resist encryption packer effectively. Furthermore, WSB shows better credibility than DKISB when distinguishing independent programs. The comprehensive experiments illustrate that the value of extended F -measure can reach 96.8%, indicating that it is a high-quality birthmark which satisfies both the credibility and the resiliency. [ABSTRACT FROM AUTHOR]

Published

2018

20. Improved Meet-in-the Middle Attacks on Reduced-Round TWINE-128.

Author

Liu, Ya, Yang, Anren, Dai, Bo, Li, Wei, Liu, Zhiqiang, Gu, Dawu, and Zeng, Zhiqiang

Subjects

*BLOCK ciphers, *DATA encryption, *CRYPTOGRAPHY, *COMPLEXITY (Philosophy)

Abstract

TWINE is a lightweight block cipher, which was proposed by NEC corporation in 2012. It is both a good example of common trade-offs in lightweight cryptography and one of the only instances of a GFN with improved diffusion layer. Therefore, its security has attracted amount of attention in recent years. In this paper, we present a meet-in-the-middle attack on 26-round TWINE-128 by exploiting the slow diffusion of key schedule. Specifically, we first construct a new 11-round distinguisher of TWINE. Based on it, we mount a meet-in-the-middle attack on 26-round TWINE-128. The data, time and memory complexities are 2 60 chosen plaintexts, 2 126.18 26-round encryptions and 2 109 64-bit blocks, respectively. Our results are better than all previous ones on TWINE-128 in the single-key scenario if not considering biclique cryptanalysis of TWINE-128. [ABSTRACT FROM AUTHOR]

Published

2018

21. Klepto for Ring-LWE Encryption.

Author

Xiao, Dianyan and Yu, Yang

Subjects

*PUBLIC key cryptography, *LATTICE theory, *CRYPTOGRAPHY, *ALGORITHMS, *DATA encryption

Abstract

Due to its great efficiency and quantum resistance, public key cryptography based on Ring-LWE problem has drawn much attention in recent years. A batch of cryptanalysis works provided ever-improved security estimations for various Ring-LWE schemes, but few works discussed the security of Ring-LWE cryptography from kleptographic aspect. In this paper, we show how to embed a backdoor into a classic Ring-LWE encryption scheme so that partial bits of the plaintext are leaked to the owner of the backdoor. By theoretical analysis and experimental observations, we argue that the klepto Ring-LWE encryption scheme with such backdoor is feasible and practical. [ABSTRACT FROM AUTHOR]

Published

2018

22. Bounded Revocable and Outsourceable ABE for Secure Data Sharing.

Author

Qin, Baodong, Zhao, Qinglan, and Zheng, Dong

Subjects

*CLOUD computing, *DATA encryption, *PUBLIC key cryptography, *COMPUTER network security, *COMPUTER security software

Abstract

With the progress of cloud computing, many users hope in time to upload their data into cloud for sharing. For sensitive data, the owner must encrypt it before sending it to cloud server. The state of the art method for fine-grained access control on encrypted data is attribute-based encryption (ABE). Though ABE is believed to be an outstanding technique for secure data sharing, it has many efficiency drawbacks. For example, its ciphertext size and decryption time increase linearly with the number of attributes used during encryption and decryption, and it is hard to revoke a user’s access ability. In this paper, we propose a method to outsource the decryption of ABE via public cloud computing, and to control a user’s decryption capacity through a bounded revocation technique. The public cloud server can transform any user’s ABE ciphertexts into short ElGamal-type ciphertexts via the user’s public transformation key. The transformed ciphertexts are actually ElGamal-type identity-based ciphertexts obtained through a bounded-collision identity-based encryption scheme, and the decryption time only requires one exponentiation. Our scheme can revoke user’s decryption ability. But it limits to scenario with bounded number of revocation. [ABSTRACT FROM AUTHOR]

Published

2018

23. Identity-Based Broadcast Encryption for Inner Products.

Author

Lai, Jianchang, Mu, Yi, Guo, Fuchun, Jiang, Peng, and Ma, Sha

Subjects

*DATA encryption, *INNER product, *PUBLIC key cryptography, *ALGORITHMS, *COMPUTER security software

Abstract

In the identity-based broadcast encryption (IBBE), only these users whose identities are chosen in the ciphertext computing can decrypt the encrypted message. In this paper, we introduce an extension of IBBE, namely Identity-Based Broadcast Encryption for Inner Product (IBBE-IP), where message encryption is replaced by inner product encryption (IPE) introduced by Abdalla et al. (PKC 2015). Precisely, in the IBBE-IP, the private key is associated with a pair of an identity and a vector (I D , y →). The user with private key of (I D , y →) can decrypt the encrypted vector x → for an identity set S selected by the encryptor and learn the inner product 〈 x → , y → 〉 if and only if I D ∈ S. Differing from the IBBE, the decryption in the IBBE-IP yields the inner product associated with the encrypted vector without leaking any information of the vector. The encrypted vector is protected as long as the number of selected identities is less than their length. We present a construction of IBBE-IP with constant-size private keys and it supports unbounded private key queries, which was unachieved in the previous works of IPE in the public-key setting. The security of our proposed scheme is proved in the random oracle model. [ABSTRACT FROM AUTHOR]

Published

2018

24. A Key-Policy Attribute-Based Proxy Re-Encryption Without Random Oracles.

Author

CHUNPENG GE, SUSILO, WILLY, JIANDONG WANG, ZHIQIU HUANG, LIMING FANG, and YONGJUN REN

Subjects

*DATA encryption, *CIPHERS, *QUERY languages (Computer science), *DATA conversion, *BILINEAR forms, *BILINEAR transformation method

Abstract

A conditional proxy re-encryption (CPRE) scheme enables the proxy to convert a ciphertext from Alice to Bob, if the ciphertext satisfies one condition set by Alice. To improve the issue of more fine-grained on the condition set, Fang, Wang, Ge and Ren proposed a new primitive named Interactive conditional PRE with fine grain policy (ICPRE-FG) in 2011, and left an open problem on how to construct CCA-secure ICPRE-FG without random oracles. In this paper, we answer this open problem affirmatively by presenting a new construction of CCA-secure key-policy attribute-based PRE (KP-ABPRE) without random oracles. In this paper, we enhance the security model of Fang's ICPRE-FG scheme by allowing the adversary to make some extra queries, which do not help them win the game trivially. Finally, we present a CCA-secure KP-ABPRE without random oracles under the 3-weak decisional bilinear Diffie-Hellman inversion(3-wDBDHI) assumption. [ABSTRACT FROM AUTHOR]

Published

2016

25. Efficient Ring Signature and Group Signature Schemes Based on q-ary Identification Protocols.

Author

Chen, Siyuan, Zeng, Peng, Choo, Kim-Kwang Raymond, and Dong, Xiaolei

Subjects

*DIGITAL signatures, *DATA encryption, *DATA security, *COMPUTER network security, *ELECTRONIC authentication

Abstract

While designing ring signature and group signature is a relatively mature area, few published schemes are both efficient and quantum attack-resilience. In this paper, we present two new signature schemes based on coding theory. First, we present two new zero-knowledge (ZK) identification protocols based on the construction of (Cayrel, P.L., Véron, P. and Alaoui, S.M.E.Y. (2010) A Zero-Knowledge Identification Scheme Based on the q-ary Syndrome Decoding Problem. Proceedings of SAC 2010, Waterloo, Ontario, Canada, August 12-13, pp. 171-186. Springer, Berlin) in order to improve efficiency of code-based digital signature schemes. We then transform the newly proposed ZK protocols into a ring signature scheme and a group signature scheme. Our schemes enjoy a significant improvement in efficiency since reducing the cheating probability decreases the interaction rounds. Specially, with the security level of 2-87, the sizes of public key and signature are 14.5 KB and 52 KB in our ring signature scheme, while the corresponding sizes are 400 KB and 2384 KB in the scheme of (Cayrel, P. L., Alaoui, S. M. E. Y., Hoffmann, G. and Véron, P. (2012) An improved threshold ring signature scheme based on error correcting codes. Proceedings of WAIFI 2012, Bochum, Germany, July 16-19, pp. 45-63. Springer, Berlin). At the security level of 2-80, the sizes of public key and signature are 32 KB and 113.8 KB in our group signature scheme, as compared with 2.5 MB and 20 MB in the scheme of (Alamélou, Q., Blazy, O., Cauchie, S. and Gaborit, P. (2017) A codebased group signature scheme. Des. Codes Cryptogr., 82, 469-493) and 642 KB and 114 KB in the scheme of (Ezerman, M.F., Lee, H.T., Ling, S., Nguyen, K. and Wang, H. (2015) A provably secure group signature scheme from code-based assumptions. Proc. ASIACRYPT 2015, Auckland, New Zealand, November 29-December 3, pp. 260-285. Springer, Berlin). [ABSTRACT FROM AUTHOR]

Published

2018

26. Continuous Leakage-Resilient Identity-Based Encryption without Random Oracles.

Author

Zhou, Yanwei, Yang, Bo, and Mu, Yi

Subjects

*DATA encryption, *COMPUTER network security, *DATA security, *INTERNET security, *COMPUTER security

Abstract

Provably secure identity-based encryption (IBE) schemes in the presence of key-leakage have attracted a lot of attention recently. However, most of them were designed in the bounded-leakage model, and might not be able to meet the claimed security under the continuous-leakage attacks. The main issue is that the most of previous leakage-resilient IBE schemes could not ensure the randomness of all elements in the ciphertext, because some elements can be written as a function on the private key of user; therefore, the adversary can obtain the leakage on the private key of user from the corresponding given ciphertext. In this paper, a new construction of CCA-secure IBE scheme tolerating continuous-leakage attacks in the standard model is proposed, and its security is proved in the selective-ID security model based on the hardness of decisional bilinear Diffie-Hellman assumption, which is a classical static assumption. In our construction, the adversary cannot obtain any leakage on the private key from the corresponding ciphertext, since all elements in the ciphertext are random in the adversary's view. The striking advantage of our constructions is the key leakage ratio, which is the best one among the previous leakage-resilient IBE constructions. [ABSTRACT FROM AUTHOR]

Published

2018

27. Efficient Homomorphic Integer Polynomial Evaluation Based on GSW FHE.

Author

Wang, Husen and Tang, Qiang

Subjects

*DATA encryption, *COMPUTER security, *ENCRYPTION protocols, *COMPUTER network security, *DATA security

Abstract

In this paper, we introduce new methods to evaluate integer polynomials with the Gentry-Sahai-Waters fully homomorphic encryption (GSW FHE) scheme. Our solution has much slower noise growth and per homomorphic integer multiplication cost, with a ratio O((logk)w+1 / kw⋅n) in comparison to the original GSW scheme where k is the input plaintext width, n is the LWE dimension and ω=2.373. Technically, we reduce the integer multiplication noise by restricting the evaluation to be between two kinds of ciphertexts: one is for the message space ℤq and the other is for message space 픽2 [log q]. To achieve generality, we propose an integer bootstrapping scheme which converts these two kinds of ciphertexts into each other. To solve the ciphertext expansion problem due to ciphertexts in 픽2 [log q], we propose a solution based on symmetric-key encryption with stream ciphers. [ABSTRACT FROM AUTHOR]

Published

2018

28. Cryptanalysis of A Pairing-Free Certificateless Signcryption Scheme.

Author

Lin, Xi-Jun, Sun, Lin, Qu, Haipeng, and Liu, Dongxiao

Subjects

*CLOUD computing, *ARTIFICIAL intelligence, *PUBLIC key cryptography, *DATA encryption, *MACHINE learning

Abstract

Certificateless signcryption (CLSC) has attracted much attention from the research community since it provides both confidentiality and unforgeability, and, at the same time, it does not suffer from the certificate management problem in traditional public key cryptography and the key escrow problem in identity-based cryptography. However, most CLSC schemes are based on the bilinear pairing which is still a time-costing operation although many efforts have been made to improve its efficiency. Recently, Yu et al. proposed a pairing-free CLSC scheme and proved its security. In this paper, we point out that their scheme can be totally broken since confidentiality and unforgeability actually are not captured. [ABSTRACT FROM AUTHOR]

Published

2018

29. Providing Secret Authentication in Clustered Security Architecture for Cloud-Based WBAN.

Author

Karthiga, I. and Sankar, Sharmila

Subjects

*BODY area networks, *HIDDEN Markov models, *DATA encryption, *BIOINFORMATICS, *WIRELESS sensor nodes

Abstract

In inter-WBAN communication, there is more possibility of the physical attacks that includes the node capture, tampering, pre-deployment network topology and so on. In order to overcome these issues, in this paper, we propose a secret authentication in clustered security architecture for Cloud-based WBAN. When the nodes are deployed in the network, the cluster heads are elected based on the residual energy and node distance. Then a Wavelet-Domain Hidden Markov Model is deployed to perform the communication in a secure manner. A selective encryption mechanism is then used to protect data confidentiality by using biomedical information as a key. Further, the security is enhanced by concealing the features of sensors by generating a coffer, a computationally efficient protocol. By simulation results, we show that the proposed technique enhances the security and reduces the overhead. [ABSTRACT FROM AUTHOR]

Published

2018

30. Authorized Equi-join for Multiple Data Contributors in the PKC-Based Setting.

Author

SHA MA

Subjects

*DATABASE management, *CRYPTOGRAPHY, *DATA encryption, *TRAPDOORS, *LITERATURE

Abstract

The Database-As-a-Service (DaaS) model provides seamless mechanisms for database management and service. As a countermeasure to security treats, encryption technologies have been widely adopted in database systems. Accordingly, privacy-preserving queries on encrypted databases has become an important research topic. In this paper, we present the first solution of authorized equi-join for multiple data contributors in the PKC-based setting. With the improved ciphertext security under checkability, our underlying cryptographic construction could be used independently as a standard procedure for many other relational operations, for instance, intersection, difference, and set union. As a feature, our scheme allows flexible authorization policies for the join operation by the controlled trapdoor transitivity, which has not yet been studied thoroughly in the literature. Our proposed scheme is efficient in encryption and execution and has a reasonable ciphertext size. It can be applied as a building block for data query in the DaaS model. [ABSTRACT FROM AUTHOR]

Published

2017

31. Statistical Cipher Feedback of Stream Ciphers.

Author

HEYS, HOWARD M.

Subjects

*STREAM ciphers, *HARDWARE, *DATA encryption, *COMMUNICATION, *CRYPTOGRAPHY

Abstract

In this paper, we examine a method of constructing a self-synchronizing stream cipher referred to as statistical cipher feedback (SCFB). Although recently studied as a mode for block ciphers, we explicitly consider the application of SCFB to hardware-oriented stream ciphers. Specifically, we show that SCFB can be used to realize a self-synchronizing stream cipher that has the characteristics of compact, efficient hardware implementations and is secure given that the underlying synchrononous stream cipher is secure. Further, we consider the communication properties of the SCFB system and examine the relationships between these properties and the implementation characteristics. [ABSTRACT FROM AUTHOR]

Published

2017

32. Partitioned Group Password-Based Authenticated Key Exchange.

Author

FIORE, DARIO, GONZÁLEZ VASCO, MARÍA ISABEL, and SORIENTE, CLAUDIO

Subjects

*COMPUTER password security, *COMPUTER access control, *PRIVACY, *COMMUNICATION, *DATA encryption

Abstract

Group Password-Based Authenticated Key Exchange (GPAKE) allows a group of users to establish a secret key, as long as all of them share the same password. However, in existing GPAKE protocols as soon as one user runs the protocol with a non-matching password, all the others abort and no key is established. In this paper we seek for a more flexible, yet secure, GPAKE and put forward the notion of partitioned GPAKE. Partitioned GPAKE tolerates users that run the protocol on different passwords. Through a protocol run, any subgroup of users that indeed share a password, establish a session key, factoring out the ‘noise’ of inputs by users holding different passwords. At the same time any two keys, each established by a different subgroup of users, are pair-wise independent if the corresponding subgroups hold different passwords. We also introduce the notion of password-privacy for partitioned GPAKE, which is a kind of affiliation hiding property, ensuring that an adversary should not be able to tell whether any given set of users share a password. Finally, we propose an efficient instantiation of partitioned GPAKE building on an unforgeable symmetric encryption scheme and a PAKE by Bellare et al. Our proposal is proven secure in the random oracle/ideal cipher model, and requires only two communication rounds. [ABSTRACT FROM AUTHOR]

Published

2017

33. Fully Privacy-Preserving ID-Based Broadcast Encryption with Authorization.

Author

JIANCHANG LAI, YI MU, FUCHUN GUO, and RONGMAO CHEN

Subjects

*DATA encryption, *REVOCATION, *PRIVACY, *CRYPTOGRAPHY, *DATA

Abstract

A revocable ID-based broadcast encryption scheme allows an authorized third party to revoke any receiver (decryptor) from the initial receiver set S of the original broadcast ciphertext without the need of decryption. However, the existing revocable ID-based broadcast encryption schemes in the literature cannot fully preserve the receiver privacy and have a large size of ciphertext when the revoked user sets are large. To solve these problems, in this paper, we propose a novel scheme: fully privacy-preserving ID-based broadcast encryption with authorization. Our scheme allows an authorized party to dynamically handle the decryption rights of receivers via an authorized user set L without knowing the message and the identities of the initial receivers. Only those users who are both in S and L can decrypt the ciphertext successfully. The final ciphertext reveals nothing about the identity information of receivers and the authorized users. Our scheme achieves full collusion resistance and is applicable to anonymous data sharing where the receivers are decided by the authorized third party (or multiple authorized third parties) excluding the data owner. We show that our proposed scheme is provably secure under the defined security models in the random oracle model. [ABSTRACT FROM AUTHOR]

Published

2017

34. A Practical Hybrid Group Key Establishment for Secure Group Communications.

Author

HARN, LEIN and CHING-FANG HSU

Subjects

*ENCRYPTION protocols, *DATA encryption, *POLYNOMIALS, *COMPUTER security, *CRYPTOGRAPHY

Abstract

A group key establishment enables a group key shared among all group members. In this paper, we proposed a novel group key establishment, which is a hybrid of the Diffie-Hellman (DH) public-key scheme and the secret sharing scheme. Our protocol takes the advantages of the DH scheme, which does not need a mutually trusted key generation center (KGC) and the secret sharing scheme, which reduces the computational time. Employing the DH scheme allows any group member to act as a KGC to distribute a secret key to all group members. The secret sharing scheme is used as the encryption tool to transfer a group key to group members. Since public-key encryption involves modular exponentiations using a larger modulus (say at least 1024 bits) as compared with the secret sharing encryption involves polynomial operations using a smaller modulus (say only 160 bits), our proposed approach is faster than the broadcast encryption in public-key setting. We show that our protocol can provide key secrecy, key authentication and key independence. [ABSTRACT FROM AUTHOR]

Published

2017

35. Securing Outsourced Data in the Multi-Authority Cloud with Fine-Grained Access Control and Efficient Attribute Revocation.

Author

JUNWEI ZHOU, HUI DUAN, LIANG, KAITAI, QIAO YAN, FEI CHEN, YU, F. RICHARD, JIEMING WU, and JIANYONG CHEN

Subjects

*CLOUD storage, *ACCESS control, *DATA encryption, *COMPUTER security, *SECURITY systems

Abstract

Data outsourcing is a promising service for data owners, where their data are stored on a cloud storage provider. Since the cloud is not fully trusted, data access control has become a challenging issue in the Cloud Storage System (CSS). Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a feasible technique for ensuring access control in the CSS, where an attribute authority is responsible to manage attributes and distribute keys. In this paper, we propose a novel revocable Multi-Authority CP-ABE scheme, in which the access policy can be constructed as an arbitrary tree rather than a matrix used by existing schemes. The tree-like policy makes our scheme more flexible. Consequently, the encryption, decryption and attribute revocation operations are also more efficient. Our scheme is also proved to be secure under the standard assumption. It can resist user collusion attack, while the attribute revocation operation also achieves both forward security and backward security. Simulation results show that our scheme is highly efficient. [ABSTRACT FROM AUTHOR]

Published

2017

36. On the Importance of Checking Multivariate Public Key Cryptography for Side-Channel Attacks: The Case of enTTS Scheme.

Author

HAIBO YI and WEIJIAN LI

Subjects

*CRYPTOGRAPHY, *DATA encryption, *CYBERTERRORISM, *QUANTUM computers, *PUBLIC key cryptography

Abstract

Cryptographic systems refer to a set of algorithms needed to implement a particular form of encryption, decryption, signature and verification, which have practical applications in engineering area. Among cryptographic systems, Multivariate Public Key Cryptography (MPKC) is one of the most popular post-quantum candidates since it has the potential to resist quantum computer attacks. MPKC must be protected against a wide range of attacks, including side-channel attack, which is any attack based on information gained from the physical implementation of cryptographic systems. However, there are few side-channel attacks on MPKC schemes. In this paper, we present techniques to exploit Differential Power Analysis and fault analysis attacks for analyzing the effectiveness of side-channel attacks on MPKC schemes. We propose a general model of side-channel attacks on enhanced Tame Transformation Signature (enTTS) scheme, which is one of the representative MPKC schemes. We implement a naive enTTS scheme on Application Specific Integrated Circuits and propose a successful side-channel attack on the implementation. Experimental results show that our attack successfully obtains all the pieces from the private keys of the enTTS scheme and they clearly demonstrate the importance of protecting MPKC against side-channel attacks. [ABSTRACT FROM AUTHOR]

Published

2017

37. Pairing-Free and Secure Certificateless Signcryption Scheme.

Author

HUIFANG YU and BO YANG

Subjects

*DATA encryption, *CRYPTOGRAPHY, *INTERNET auctions, *EMAIL systems, *COMPUTER security

Abstract

Certificateless signcryption (CLSC) can simultaneously fulfill certificateless encryption and certificateless signature; however, most CLSC schemes need costly computational overhead due to the usage of pairing operations. How to improve its computational efficiency is a very significant research problem. In this paper, we propose a pairing-free and secure CLSC scheme. In the random oracle model, the proposed scheme is indistinguishability against adaptive chosen-ciphertext attacks secure in confidentiality and unforgeability against adaptive chosen-message attacks secure in unforgeability. In the new scheme, only a designated receiver can recover the message, and a third party can verify the validity of a signcrypted text without knowing the receiver's secret value. In addition, this cryptographic algorithm is very appropriate to applications in online auction, email system and private contractual signature. [ABSTRACT FROM AUTHOR]

Published

2017

38. Simpler Generic Constructions for Strongly Secure One-round Key Exchange from Weaker Assumptions.

Author

ZHENG YANG, JUNYU LAI, CHAO LIU, WANPING LIU, and SHUANGQING LI

Subjects

*DIGITAL signatures, *STANDARD model (Nuclear physics), *DATA encryption, *ELECTRONIC authentication, *COMPUTER security

Abstract

In PKC 2015, Bergsma et al. introduced a generic one-round key exchange (ORKE) protocol (which is referred to as BJS) from digital signature (SIG) and simplified non-interactive key exchange (NIKE) without involving any identity. The BJS scheme is shown to satisfy extended Canetti and Krawczyk-PFS security if the NIKE is adaptive-CKS-light secure and the SIG is strongly secure against existential unforgeability under chosen message attacks. However, the BJS scheme cannot be instantiated with NIKE scheme with identity (e.g. the one proposed by Boneh and Zhandry in Crypto 2014). In this paper, we propose a much simpler generic construction for ORKE from NIKE and SIG. In particular, our scheme only makes weaker security assumptions on the underlying building blocks. Namely, we first show that the static-CKS-light security of NIKE, where the target identities are chosen by the adversary before seeing the system parameters, is sufficient for our construction. On the second, we observe that the SIG only needs to provide strong existential unforgeability under weak chosen message attacks for our construction. These results enable our proposal to have more concrete instantiations which might be easier to build and realize. At the same time, our new protocol is much more computationally efficient than the BJS protocol. [ABSTRACT FROM AUTHOR]

Published

2017

39. Novel Leakage-Resilient Attribute-Based Encryption from Hash Proof System.

Author

LEYOU ZHANG, JINGXIA ZHANG, and YI MU

Subjects

*DATA encryption, *INFORMATION technology security, *COMPUTER security standards, *COMPUTER network protocols, *COMPUTER access control

Abstract

As an important primitive, attribute-based encryption (ABE) has attracted much attention in the relative-leakage model. However, the leakage rate in almost all of the existing ABE schemes is restricted with a leakage parameter. It implicitly suggests that higher leakage rate results in larger ciphertexts and keys. Aiming at tackling the challenge, novel leakage-resilient ciphertext-policy attribute-based encryption (CP-ABE) and key-policy attribute-based encryption (KP-ABE) are designed in this paper. It achieves shorter secret key size and simultaneously does not suffer from the undesirable drawback above. To realize this, the concepts of CP-AB-HPS and KP-AB-HPS are introduced, which generalize the notion of hash proof system (HPS) to attribute-based setting. Under some static assumptions, the proposed schemes are proved adaptively secure in the standard model. In addition, the results in simulation experiments indicate that the proposed scheme is efficient and practical. [ABSTRACT FROM AUTHOR]

Published

2017

40. A Secure Role-Based Cloud Storage System For Encrypted Patient-Centric Health Records.

Author

LAN ZHOU, VARADHARAJAN, VIJAY, and GOPINATH, K.

Subjects

*CLOUD storage security measures, *INFORMATION technology security, *DATA warehousing, *COMPUTER storage devices, *DATA encryption, *ELECTRONIC health records

Abstract

With the rapid developments occurring in cloud services, there has been a growing trend to use cloud for large-scale data storage. Due to the increasing popularity of cloud storage, many healthcare organizations have started moving electronic health records (EHRs) to cloud-based storage systems. However, this has raised the important security issue of how to protect and prevent unauthorized access to EHR data stored in a public cloud. Several cryptographic access control schemes have been proposed to protect the security of data stored in the cloud by integrating cryptographic techniques with access control models. In this paper, we consider a novel role-based encryption technique to build a secure and flexible large-scale EHR system where role-based access control policies are enforced in a cloud environment. Then we discuss a practical EHR system called the personally controlled electronic health record (PCEHR) system recently developed by the Australian Government, and show how the security weaknesses in the PCEHR system can be addressed by our proposed scheme. The proposed system has the potential to be useful in commercial healthcare systems as it captures practical access policies based on roles in a flexible manner and provides secure data storage in the cloud enforcing these access policies. [ABSTRACT FROM AUTHOR]

Published

2016

41. Hybrid Multi-Biometric Template Protection Using Watermarking.

Author

NAFEA, OHOUD, GHOUZALI, SANAA, ABDUL, WADOOD, and QAZI, EMAD-UL-HAQ

Subjects

*DIGITAL watermarking, *DATA encryption, *DISCRETE wavelet transforms, *SINGULAR value decomposition, *HAMMING distance

Abstract

Biometric recognition has been proven to offer a reliable solution to authenticate the identity of the legitimate user. Because of the inherent nature of biometrics, which involves the practice of digitally scanning the physiological or behavioral characteristics of individuals as a means of identification, the biometric trait employed is associated permanently with an individual and cannot be modified. This paper proposes a multimodal biometric template protection algorithm for the security of stored biometric templates in a database. The proposed algorithm is based on watermarking, shuffling process, Hadamard matrix and chaotic map. The security of the algorithm depends on the secrecy of the keys and the chaotic map. Watermarking based on Discrete Wavelet Transform-Singular Value Decomposition has been applied to fuse the features of face and fingerprint in order to improve the security of biometric data. To satisfy the requirements of a biometric template protection algorithm, each genuine user is assigned a unique key for the shuffling process and a unique code is generated using Hadamard matrix. Hadamard matrix is used to provide orthogonality and chaotic map for randomization. The identification process is carried out using Hamming distance. The experimental results give a good performance in terms of achieving a minimum value of FRR and FAR in comparison with previous studies. [ABSTRACT FROM AUTHOR]

Published

2016

42. Revocable and Decentralized Attribute-Based Encryption.

Author

HUI CUI and Deng, ROBERT H.

Subjects

*DATA encryption, *COMPUTER software testing, *INTERNATIONAL communication, *RANDOMIZATION (Statistics), *EMBEDDING theorems

Abstract

In this paper, we propose a revocable and decentralized attribute-based encryption (ABE) system that splits the task of decryption key generation across multiple attribute authorities (AAs) without requiring any central party such that it achieves attribute revocation by simply stopping updating of the corresponding private key. In our system, a party can easily behave as an AA by creating a public and private key pair without any global communication except the creation for the common system parameters, under which it can periodically issue/update private key components for users that reflect their attributes, and an AA can freely leave the system once its corresponding attribute is revoked without communication with other AAs. In addition, to revoke a user, those AAs that have issued private keys to this user easily cease the key updating process for the user without affecting other AAs' execution. For the construction of our system, the technical barrier is to make private keys collusion resistant. Since in our system each component of a user's private key at a time period may come from different AAs and there is no coordination between these AAs, traditional technique of binding together different components (issued by different AAs) of a private key by randomization cannot be employed. To overcome this, we tie the key components together and prevent collusion attacks between different users by embedding distinct identifiers and a commonly shared time attribute in these components. [ABSTRACT FROM AUTHOR]

Published

2016

43. Image and Video Encryption based on Dual Space-Filling Curves.

Author

Bhatnagar, Gaurav, Wu, Q.M. Jonathan, and Raman, Balasubramanian

Subjects

*DATA encryption, *DIGITAL image processing, *WAVELETS (Mathematics), *ROBUST control, *MULTIMEDIA systems, *DECOMPOSITION method

Abstract

In this paper, a new encryption scheme with three different modes of operations is proposed based on dual space-filling curves (SFSs) and a fractional wavelet transform (FrWT). This scheme is initially proposed for images and then extended to videos. The core idea behind the proposed schemes is to decompose an image/video first by the FrWT followed by the shuffling of each sub-band coefficients by means of a dual SFC. At last, an inverse FrWT is performed to get the encrypted image/video. A reliable decryption process is also proposed to construct the original image from the encrypted image. The experimental results, security and comparative analysis demonstrate the efficiency and robustness of the proposed scheme. Further, this paper also proposes an efficient implementation of an FrWT based on chaotic maps. [ABSTRACT FROM PUBLISHER]

Published

2012

44. Practical Attribute-Based Encryption: Traitor Tracing, Revocation and Large Universe.

Author

ZHEN LIU and WONG, DUNCAN S.

Subjects

*DATA encryption, *BLACK box warnings, *DATA security, *SELF-expression, *MONOTONIC functions

Abstract

A blackbox traceable Attribute-Based Encryption (ABE) can identify a malicious user called traitor, which created a decryption box with respect to an attribute set (respectively, access policy), out of all the users who share the same attribute set (respectively, access policy). However, none of the existing traceable ABE schemes can also support revocation and large attribute universe, that is, being able to revoke compromised keys, and can take an exponentially large number of attributes. In this paper, we formalize the definitions and security models, and propose constructions of both Ciphertext-Policy ABE and Key-Policy ABE that support (i) public and fully collusion-resistant blackbox traceability, (ii) revocation, (iii) large universe and (iv) any monotonic access structures as policies (i.e. high expressivity).We also show that the schemes are secure and blackbox traceable in the standard model against selective adversaries. [ABSTRACT FROM AUTHOR]

Published

2016

45. An End-to-End Security Approach for Digital Document Management.

Author

MUNOZ-HERNANDEZ, MARIO DIEGO, MORALES-SANDOVAL, MIGUEL, and GARCIA-HERNANDEZ, JOSE JUAN

Subjects

*ELECTRONIC records management, *ELECTRONIC security systems, *CONFIDENTIAL communications, *SIGNAL integrity (Electronics), *DATA encryption

Abstract

The typical Secure Document Management System (SDMS) uses cryptography or access control mechanisms to restrict illegal access by unauthorized users to digital documents. However, these techniques are insufficient when authorized users betray the trust of their organizations, distributing sensitive digital documents to unauthorized users. This paper presents a novel end-to-end approach to construct a robust SDMS able to guarantee not only the integrity and confidentiality of digital documents (data-centric security), but also providing robust insider threat tracing mechanisms (user-centric security). As far as the authors' knowledge extends, this is the first contribution that analyses security issues of SDMS considering data-centric (by means of encryption) and user-centric (based on fingerprinting) security services for the construction of an SDMS. Security requirements are identified from the modeling of a digital document's lifecycle. Then cryptographic techniques are carefully coupled with a fingerprinting technique at specific stages of the proposed document lifecycle. As a proof of concept, an SDMS was created, implemented and evaluated, demonstrating its feasibility for deployment in production environments. The robustness of the SDMS was proved, using standard cryptographic algorithms and secure key lengths. The created SDMS also resisted the collusion and retyping attacks commonly directed at fingerprinting applications. [ABSTRACT FROM AUTHOR]

Published

2016

46. A Leakage-Resilient CCA-Secure Identity-Based Encryption Scheme.

Author

JIGUO LI, MEILIN TENG, YICHEN ZHANG, and QIHONG YU

Subjects

*CIPHERS, *CYBERTERRORISM, *DATA encryption, *DATA security failures, *EXPONENTIAL functions

Abstract

Identity-based encryption (IBE) has many appealing applications. However, some traditional IBE schemes may not be secure in the real world due to the side-channel attacks. Leakage-resilient cryptography can capture these attacks by modeling information leakage that adversary can access. In this paper, we apply a hash proof technique in the existing CCA-secure variant of the Gentry's IBE scheme to construct a new leakage-resilient IBE scheme in the bounded-leakage model. The proposed scheme is more computationally efficient than the original Alwen et al.'s leakage-resilient IBE scheme. It enjoys a shorter key (public/secret key) length, and a higher relative key leakage ratio. The new leakage-resilient scheme is proved semantically secure against adaptive chosen ciphertext attack in the standard model under the truncated augmented bilinear Diffie-Hellman exponent (q-TABDHE) assumption. [ABSTRACT FROM AUTHOR]

Published

2016

47. RGB, a Mixed Multivariate Signature Scheme.

Author

WUQIANG SHEN and SHAOHUA TANG

Subjects

*PUBLIC key cryptography, *ALGEBRAIC attacks (Cryptography), *DATA encryption, *CRYPTOGRAPHY, *CRYPTOSYSTEMS

Abstract

At present, 'mixed-type' multivariate schemes are relatively rare except the Dragon scheme and its variants (Little Dragon Two scheme and Poly-Dragon scheme). However, they are insecure. In this paper, we first define a particular polynomial called Three-color Polynomial (this polynomial has three-class variables, and the form of the associated symmetric matrix of its quadratic part is similar to the 'three-color model' in colorimetry. So we call it three-color polynomial), and its corresponding Three-color Map. Based on the three-color map, we then present a mixed multivariate signature scheme named RGB (it means Red–Green–Blue, because the central map of this scheme is a threecolor map, and the 'three-color' stands for RGB in colorimetry), which is a variant of the Unbalanced Oil–Vinegar (UOV) signature scheme. Compared with UOV, each polynomial of the central map of RGBhas more cross-terms among all the variables {Y, Z, T}. The variable Y has much to do with message values.To a certain degree, the variable Y stands for the message values. This means that the message values can be more fully mixed with other variable values in the central map, and the adversary is very difficult to forge the signature. Thus, in theory RGB is more secure than UOV. Through detailed analysis, we find thatRGBcan resist current known algebraic attacks under proper parameters, such as exhaustive search attack, separation attack, MinRank attack and direct attack (other algebraic attacks are inapplicable for RGB). Besides, our experiments show that under choosing the security level of 280, the signing time of Magma implementation of RGB is 0.046 s on an ordinary Linux-PC with 2.50 GHz, and the signing time of its C implementation is ∼0.003 s on an 800MHz machine. The comparisons show that the signing speed of RGB is faster than that of Sflashv2, Quartz, UOV, Rainbow and RSA-1024, and is slightly slower than that of ECDSA-163 and NTRUSign-251. Overall, this new scheme can attain very good performance in terms of security and efficiency. [ABSTRACT FROM AUTHOR]

Published

2016

48. A Generic Method for the Analysis of a Class of Cache Attacks: A Case Study for AES.

Author

SAVAŞ, ERKAY and YILMAZ, CEMAL

Subjects

*CACHE memory, *ADVANCED Encryption Standard, *CYBERTERRORISM, *INFORMATION technology security, *DATA encryption, *CIPHERS

Abstract

In this paper, we present a methodology to evaluate the feasibility, effectiveness and complexity of a class of cache-based side-channel attacks. The methodology provides estimates on the lower bound of the required number of observations on the side channel and the number of trials for a successful attack. As a case study, a weak implementation of the Advanced Encryption Standard algorithm is selected to apply the proposed methodology to three different categories of cachebased attacks; namely, access-driven, trace-driven and time-driven attacks. The approach, however, is generic in the sense that it can be utilized in other algorithms that are subject to the microarchitectural side-channel attacks. The adopted approach bases its analysis method partially on the conditional entropy of secret keys given the observations of the intermediate variables in software implementations of cryptographic algorithms via the side channel and explores the extent to which the observations can be exploited in a successful attack. Provided that the intermediate variables are relatively simple functions of the key material and the known inputs or outputs of cryptographic algorithms, a successful attack is theoretically feasible. Our methodology emphasizes the need for an analysis of this leakage through such intermediate variables and demonstrates a systematic way to measure it. The method allows us to explore every attack possibility, estimate the feasibility of an attack, and compare the efficiency and the costs of different attack strategies to determine an optimal level of effective countermeasures. [ABSTRACT FROM AUTHOR]

Published

2015

49. Fully Secure Wicked Identity-Based Encryption Against Key Leakage Attacks.

Author

SHI-FENG SUN, DAWU GU, and ZHENGAN HUANG

Subjects

*INFORMATION technology security, *DATA encryption, *DATA security failures, *CYBERTERRORISM, *PUBLIC key cryptography

Abstract

With the purpose of taking physical attacks into account in security proofs, leakage-resilient cryptography has been initiated. Recently, many leakage-resilient cryptographic primitives have been proposed. In this paper, we put forward the first leakage-resilient wicked identity-based encryption (wicked IBE) scheme. To achieve this goal, we first present a new wicked IBE scheme in the composite order groups. The security proof of this scheme is achieved via the dual system encryption technique. In contrast with existing wicked IBE schemes, the new proposal can be proved fully secure in the standard model, even when the maximum hierarchy depth is a polynomial in the security parameter. Moreover, its security is based on some standard assumptions in the composite groups, which are independent of the hierarchy depth of the scheme. Based on this newly proposed scheme, we then put forward a fully secure leakage-resilient wicked IBE scheme in the bounded memory-leakage model. The leakage here is not only allowed on the user's secret key, but also on the master secret key. Its security is proved in the standard model by a hybrid argument in a sequence of computationally indistinguishable games. To the best of our knowledge, this is the first wicked IBE scheme in the context of leakage resilience. [ABSTRACT FROM AUTHOR]

Published

2015

50. Privacy-Preserving Query Processing by Multi-Party Computation.

Author

SEPEHRI, MARYAM, CIMATO, STELVIO, and DAMIANI, ERNESTO

Subjects

*DATA privacy, *INFORMATION technology security, *COMPUTATIONAL complexity, *DATA encryption, *DATA security, *SQL

Abstract

In this paper, we investigate privacy-preserving query processing (P³Q) techniques on partitioned databases, where relational queries have to be executed on horizontal data partitions held by different data owners. In our scenario, data owners use Secure Multi-party Computation (SMC) to compute privacy-preserving queries on entire relation(s) without sharing their private partitions. Our solution is applicable to a subset of SQL query language called SQL-- including selection and equi-join queries. To nicely scale up with large size data, we show that computation and communication costs can be reduced via a novel bucketization technique. We consider the classical notion of query privacy, where the querier only learns query results (and what can be inferred from it), and data owners learn as little as possible (in a computational sense) about the query. To ensure such privacy, our technique involves a trusted party only at the beginning of the protocol execution. Experimental results on horizontally partitioned, distributed data show the effectiveness of our approach. [ABSTRACT FROM AUTHOR]

Published

2015