Your search keyword '"DATA encryption"' showing total 95 results

51. Probabilistic Public Key Encryption for Controlled Equijoin in Relational Databases.

Author

YUJUE WANG and HWEEHWA PANG

Subjects

*DATA encryption, *DATABASE design, *COMPUTATIONAL complexity, *BLOCK ciphers, *COMPUTER security

Abstract

We present a public key encryption scheme for relational databases (PKDE) that allows the owner to control the execution of cross-relation joins on an outsourced server. The scheme allows anyone to deposit encrypted records in a database on the server. Thereafter, the database owner may authorize the server to join any two relations to identify matching records across them, while preventing self-joins that would reveal information on records that are unmatched in the join. The security of our construction is formally proved in the random oracle model based on the computational bilinear Diffie-Hellman assumption. Specifically, before a relation is joined, its encrypted records enjoy indistinguishability under adaptively chosen ciphertext attacks (CCA2) security; after a join, our scheme offers One-Way CCA2 security protection on the records. Our PKDE construction is shown to outperform the only existing work, both in security guarantee and in efficiency. [ABSTRACT FROM AUTHOR]

Published

2017

52. Novel Leakage-Resilient Attribute-Based Encryption from Hash Proof System.

Author

LEYOU ZHANG, JINGXIA ZHANG, and YI MU

Subjects

*DATA encryption, *INFORMATION technology security, *COMPUTER security standards, *COMPUTER network protocols, *COMPUTER access control

Abstract

As an important primitive, attribute-based encryption (ABE) has attracted much attention in the relative-leakage model. However, the leakage rate in almost all of the existing ABE schemes is restricted with a leakage parameter. It implicitly suggests that higher leakage rate results in larger ciphertexts and keys. Aiming at tackling the challenge, novel leakage-resilient ciphertext-policy attribute-based encryption (CP-ABE) and key-policy attribute-based encryption (KP-ABE) are designed in this paper. It achieves shorter secret key size and simultaneously does not suffer from the undesirable drawback above. To realize this, the concepts of CP-AB-HPS and KP-AB-HPS are introduced, which generalize the notion of hash proof system (HPS) to attribute-based setting. Under some static assumptions, the proposed schemes are proved adaptively secure in the standard model. In addition, the results in simulation experiments indicate that the proposed scheme is efficient and practical. [ABSTRACT FROM AUTHOR]

Published

2017

53. Bounds for Message Authentication with Distortion.

Author

SHAOQUAN JIANG

Subjects

*MESSAGE authentication codes, *COMPUTER access control, *COMPUTER security standards, *DATA encryption, *INFORMATION-theoretic security

Abstract

We consider a message authentication with distortion (DMA), where Alice encodes a source state and sends it over an unknown channel to Bob, who then tries to recover it, up to a small distortion. We formulate a formal model for this problem and define the authentication rate for DMA as the number of source symbols transmitted for each channel use. We characterize the best possible authentication rate (called authentication capacity) for a general DMA. We also obtain a lower bound on the adversarial success probability for a typical class of DMA. [ABSTRACT FROM AUTHOR]

Published

2017

54. Editorial: On the Security of the First Leakage-Free Certificateless Signcryption Scheme.

Author

XI-JUN LIN, LIN SUN, HAIPENG QU, and XIAOSHUAI ZHANG

Subjects

*COMPUTER security standards, *PRINTED ephemera, *DATA encryption, *INFORMATION-theoretic security, *DATA caps (Internet)

Abstract

Recently, Islam and Li proposed the first certificateless signcryption scheme without ephemeral secret leakage (ESL) attack, called leakage-free certificateless signcryption (leakage-free CLSC) scheme. However, we point out in this paper that the confidentiality property is not captured in their proposal. Moreover, our attack adheres to the security model proposed in the original paper. On the other hand, the security models proposed by Islam and Li are insufficient. In fact, the ESL attack is not involved in the security models since the ephemeral secret is not returned to the adversary when CLSC-Signcryption query and Challenge are issued. Finally, we give the amended security models. [ABSTRACT FROM AUTHOR]

Published

2017

55. A Secure Role-Based Cloud Storage System For Encrypted Patient-Centric Health Records.

Author

LAN ZHOU, VARADHARAJAN, VIJAY, and GOPINATH, K.

Subjects

*CLOUD storage security measures, *INFORMATION technology security, *DATA warehousing, *COMPUTER storage devices, *DATA encryption, *ELECTRONIC health records

Abstract

With the rapid developments occurring in cloud services, there has been a growing trend to use cloud for large-scale data storage. Due to the increasing popularity of cloud storage, many healthcare organizations have started moving electronic health records (EHRs) to cloud-based storage systems. However, this has raised the important security issue of how to protect and prevent unauthorized access to EHR data stored in a public cloud. Several cryptographic access control schemes have been proposed to protect the security of data stored in the cloud by integrating cryptographic techniques with access control models. In this paper, we consider a novel role-based encryption technique to build a secure and flexible large-scale EHR system where role-based access control policies are enforced in a cloud environment. Then we discuss a practical EHR system called the personally controlled electronic health record (PCEHR) system recently developed by the Australian Government, and show how the security weaknesses in the PCEHR system can be addressed by our proposed scheme. The proposed system has the potential to be useful in commercial healthcare systems as it captures practical access policies based on roles in a flexible manner and provides secure data storage in the cloud enforcing these access policies. [ABSTRACT FROM AUTHOR]

Published

2016

56. Practical Attribute-based Signature: Traceability and Revocability.

Author

JIANGHONG WEI, XINYI HUANG, WENFEN LIU, and XUEXIAN HU

Subjects

*DIGITAL signatures, *DATA encryption, *COMPUTER network security, *CRYPTOSYSTEMS, *PUBLIC key cryptography

Abstract

As a new variant of digital signature, attribute-based signature (ABS) is appealing for many scenarios, where both authentication and anonymity are desired. However, in such a paradigm, a user's secret key is not linkable to an authenticated identity, and the same set of attributes might be shared among multiple users. Consequently, a malicious user would leak his secret key for some purposes without the risk of being identified among these equal users. On the other hand, for a cryptosystem with a large number of users, there should be an efficient revocation mechanism to further inform that a user's credential is abolished. We note that none of the existing ABS schemes simultaneously supports traceability and revocability, which are crucial towards the practicability of ABS. In this work, we first give a formal security model for traceable and revocable ABS. Next, we provide a concrete construction that admits flexible threshold signing predicates. Finally, we prove the anonymity and traceability of the proposed scheme in the standard model. To the best of our knowledge, our construction is the first ABS scheme that enjoys the functionalities of traceability and revocability simultaneously, and thus is more feasible for practical applications. [ABSTRACT FROM AUTHOR]

Published

2016

57. RKA-Secure Public Key Encryptions Against Efficiently Invertible Functions.

Author

SHI-FENG SUN, LIU, JOSEPH K., YU YU, BAODONG QIN, and DAWU GU

Subjects

*CYBERTERRORISM, *COMPUTER crimes, *COMPUTER networks, *CRYPTOGRAPHY, *DATA encryption, *COMPUTER network resources

Abstract

Related-key attacks (RKAs) are a flavor of powerful physical attacks, which allow an adversary to modify the secret key stored in a cryptographic device and subsequently observe the effect of such modifications on the output of the device. Designing secure encryption schemes against such attacks is a challenging task, especially for a large class of such physical attacks which are usually captured by related-key derivation functions. In this work, we achieve the security of public key encryptions (PKEs) against a new and broad function class that consists of almost all efficiently invertible functions in two different ways. Specifically, we first give a generic construction of PKE which is proven secure against such a broad function class under the standard chosen-ciphertext security. Moreover, we present two practical concrete constructions, both of which are shown to be secure against such function class under standard assumptions in the standard model. At last, we give a detailed performance analysis, which shows that our constructions can not only resist to a large class of RKAs but also achieve a good efficiency. [ABSTRACT FROM AUTHOR]

Published

2016

58. Identity-Based Encryption with Verifiable Outsourced Revocation.

Author

YANLI REN, NING DING, XINPENG ZHANG, HAINING LU, and DAWU GU

Subjects

*DATA encryption, *COMPUTER security, *DIGITAL signatures, *COMPUTER network security, *TEXTILE technology, *COMPUTER systems

Abstract

In an identity-based encryption (IBE) scheme, how to revoke users from the system is a difficult problem when their private keys are compromised. The private key generator (PKG) updates the private keys for all unrevoked users and has high computation load when a large number of users are included. We propose an IBE scheme with verifiable outsourced revocation based on the onemalicious model of two servers. In the proposed scheme, PKG delegates the key update operations to the two servers for all unrevoked users. The PKG can detect the failure with probability 1 if one of the servers misbehaves. Our scheme is proven fully secure and verifiable against chosenplaintext attack (CPA) without random oracles. The servers cannot execute the key update operations for any revoked user even if they collude. The experiment shows the time cost for PKG in the outsourcing algorithm is much smaller than that for directly updating the private keys for all unrevoked users. [ABSTRACT FROM AUTHOR]

Published

2016

59. Almost-Tight Identity Based Encryption Against Selective Opening Attack.

Author

JUNQING GONG, XIAOLEI DONG, ZHENFU CAO, and JIE CHEN

Subjects

*FUNCTIONAL identities, *IDENTITY management systems, *INFORMATION technology security, *DATA encryption, *COMPUTER security

Abstract

The paper presents an identity based encryption (IBE) under selective opening attacks (SOA) whose security is almost-tightly related to a set of computational assumptions in composite-order bilinear groups. Our result is a combination of Bellare, Waters and Yilek's method [TCC, 2011] for constructing (not tightly) SOA secure IBE and Hofheinz, Koch and Striecks' technique [PKC, 2015] on building almost-tightly secure IBE in the multi-ciphertext setting. In the paper, we first tune Bellare et al.'s generic construction for SOA secure IBE to show that a one-bit IBE achieving ciphertext indistinguishability under chosen plaintext attack in the multi-ciphertext setting (with one-sided public openability) tightly implies a multi-bit IBE secure under the selective opening attack. Next, we almost tightly reduce such a one-bit IBE to static assumptions in the composite-order bilinear groups employing the technique of Hofheinz et al. This yields the first SOA secure IBE with almost-tight reduction. [ABSTRACT FROM AUTHOR]

Published

2016

60. Hybrid Multi-Biometric Template Protection Using Watermarking.

Author

NAFEA, OHOUD, GHOUZALI, SANAA, ABDUL, WADOOD, and QAZI, EMAD-UL-HAQ

Subjects

*DIGITAL watermarking, *DATA encryption, *DISCRETE wavelet transforms, *SINGULAR value decomposition, *HAMMING distance

Abstract

Biometric recognition has been proven to offer a reliable solution to authenticate the identity of the legitimate user. Because of the inherent nature of biometrics, which involves the practice of digitally scanning the physiological or behavioral characteristics of individuals as a means of identification, the biometric trait employed is associated permanently with an individual and cannot be modified. This paper proposes a multimodal biometric template protection algorithm for the security of stored biometric templates in a database. The proposed algorithm is based on watermarking, shuffling process, Hadamard matrix and chaotic map. The security of the algorithm depends on the secrecy of the keys and the chaotic map. Watermarking based on Discrete Wavelet Transform-Singular Value Decomposition has been applied to fuse the features of face and fingerprint in order to improve the security of biometric data. To satisfy the requirements of a biometric template protection algorithm, each genuine user is assigned a unique key for the shuffling process and a unique code is generated using Hadamard matrix. Hadamard matrix is used to provide orthogonality and chaotic map for randomization. The identification process is carried out using Hamming distance. The experimental results give a good performance in terms of achieving a minimum value of FRR and FAR in comparison with previous studies. [ABSTRACT FROM AUTHOR]

Published

2016

61. Revocable and Decentralized Attribute-Based Encryption.

Author

HUI CUI and Deng, ROBERT H.

Subjects

*DATA encryption, *COMPUTER software testing, *INTERNATIONAL communication, *RANDOMIZATION (Statistics), *EMBEDDING theorems

Abstract

In this paper, we propose a revocable and decentralized attribute-based encryption (ABE) system that splits the task of decryption key generation across multiple attribute authorities (AAs) without requiring any central party such that it achieves attribute revocation by simply stopping updating of the corresponding private key. In our system, a party can easily behave as an AA by creating a public and private key pair without any global communication except the creation for the common system parameters, under which it can periodically issue/update private key components for users that reflect their attributes, and an AA can freely leave the system once its corresponding attribute is revoked without communication with other AAs. In addition, to revoke a user, those AAs that have issued private keys to this user easily cease the key updating process for the user without affecting other AAs' execution. For the construction of our system, the technical barrier is to make private keys collusion resistant. Since in our system each component of a user's private key at a time period may come from different AAs and there is no coordination between these AAs, traditional technique of binding together different components (issued by different AAs) of a private key by randomization cannot be employed. To overcome this, we tie the key components together and prevent collusion attacks between different users by embedding distinct identifiers and a commonly shared time attribute in these components. [ABSTRACT FROM AUTHOR]

Published

2016

62. An End-to-End Security Approach for Digital Document Management.

Author

MUNOZ-HERNANDEZ, MARIO DIEGO, MORALES-SANDOVAL, MIGUEL, and GARCIA-HERNANDEZ, JOSE JUAN

Subjects

*ELECTRONIC records management, *ELECTRONIC security systems, *CONFIDENTIAL communications, *SIGNAL integrity (Electronics), *DATA encryption

Abstract

The typical Secure Document Management System (SDMS) uses cryptography or access control mechanisms to restrict illegal access by unauthorized users to digital documents. However, these techniques are insufficient when authorized users betray the trust of their organizations, distributing sensitive digital documents to unauthorized users. This paper presents a novel end-to-end approach to construct a robust SDMS able to guarantee not only the integrity and confidentiality of digital documents (data-centric security), but also providing robust insider threat tracing mechanisms (user-centric security). As far as the authors' knowledge extends, this is the first contribution that analyses security issues of SDMS considering data-centric (by means of encryption) and user-centric (based on fingerprinting) security services for the construction of an SDMS. Security requirements are identified from the modeling of a digital document's lifecycle. Then cryptographic techniques are carefully coupled with a fingerprinting technique at specific stages of the proposed document lifecycle. As a proof of concept, an SDMS was created, implemented and evaluated, demonstrating its feasibility for deployment in production environments. The robustness of the SDMS was proved, using standard cryptographic algorithms and secure key lengths. The created SDMS also resisted the collusion and retyping attacks commonly directed at fingerprinting applications. [ABSTRACT FROM AUTHOR]

Published

2016

63. Practical Attribute-Based Encryption: Traitor Tracing, Revocation and Large Universe.

Author

ZHEN LIU and WONG, DUNCAN S.

Subjects

*DATA encryption, *BLACK box warnings, *DATA security, *SELF-expression, *MONOTONIC functions

Abstract

A blackbox traceable Attribute-Based Encryption (ABE) can identify a malicious user called traitor, which created a decryption box with respect to an attribute set (respectively, access policy), out of all the users who share the same attribute set (respectively, access policy). However, none of the existing traceable ABE schemes can also support revocation and large attribute universe, that is, being able to revoke compromised keys, and can take an exponentially large number of attributes. In this paper, we formalize the definitions and security models, and propose constructions of both Ciphertext-Policy ABE and Key-Policy ABE that support (i) public and fully collusion-resistant blackbox traceability, (ii) revocation, (iii) large universe and (iv) any monotonic access structures as policies (i.e. high expressivity).We also show that the schemes are secure and blackbox traceable in the standard model against selective adversaries. [ABSTRACT FROM AUTHOR]

Published

2016

64. A Leakage-Resilient CCA-Secure Identity-Based Encryption Scheme.

Author

JIGUO LI, MEILIN TENG, YICHEN ZHANG, and QIHONG YU

Subjects

*CIPHERS, *CYBERTERRORISM, *DATA encryption, *DATA security failures, *EXPONENTIAL functions

Abstract

Identity-based encryption (IBE) has many appealing applications. However, some traditional IBE schemes may not be secure in the real world due to the side-channel attacks. Leakage-resilient cryptography can capture these attacks by modeling information leakage that adversary can access. In this paper, we apply a hash proof technique in the existing CCA-secure variant of the Gentry's IBE scheme to construct a new leakage-resilient IBE scheme in the bounded-leakage model. The proposed scheme is more computationally efficient than the original Alwen et al.'s leakage-resilient IBE scheme. It enjoys a shorter key (public/secret key) length, and a higher relative key leakage ratio. The new leakage-resilient scheme is proved semantically secure against adaptive chosen ciphertext attack in the standard model under the truncated augmented bilinear Diffie-Hellman exponent (q-TABDHE) assumption. [ABSTRACT FROM AUTHOR]

Published

2016

65. A Key-Policy Attribute-Based Proxy Re-Encryption Without Random Oracles.

Author

CHUNPENG GE, SUSILO, WILLY, JIANDONG WANG, ZHIQIU HUANG, LIMING FANG, and YONGJUN REN

Subjects

*DATA encryption, *CIPHERS, *QUERY languages (Computer science), *DATA conversion, *BILINEAR forms, *BILINEAR transformation method

Abstract

A conditional proxy re-encryption (CPRE) scheme enables the proxy to convert a ciphertext from Alice to Bob, if the ciphertext satisfies one condition set by Alice. To improve the issue of more fine-grained on the condition set, Fang, Wang, Ge and Ren proposed a new primitive named Interactive conditional PRE with fine grain policy (ICPRE-FG) in 2011, and left an open problem on how to construct CCA-secure ICPRE-FG without random oracles. In this paper, we answer this open problem affirmatively by presenting a new construction of CCA-secure key-policy attribute-based PRE (KP-ABPRE) without random oracles. In this paper, we enhance the security model of Fang's ICPRE-FG scheme by allowing the adversary to make some extra queries, which do not help them win the game trivially. Finally, we present a CCA-secure KP-ABPRE without random oracles under the 3-weak decisional bilinear Diffie-Hellman inversion(3-wDBDHI) assumption. [ABSTRACT FROM AUTHOR]

Published

2016

66. RGB, a Mixed Multivariate Signature Scheme.

Author

WUQIANG SHEN and SHAOHUA TANG

Subjects

*PUBLIC key cryptography, *ALGEBRAIC attacks (Cryptography), *DATA encryption, *CRYPTOGRAPHY, *CRYPTOSYSTEMS

Abstract

At present, 'mixed-type' multivariate schemes are relatively rare except the Dragon scheme and its variants (Little Dragon Two scheme and Poly-Dragon scheme). However, they are insecure. In this paper, we first define a particular polynomial called Three-color Polynomial (this polynomial has three-class variables, and the form of the associated symmetric matrix of its quadratic part is similar to the 'three-color model' in colorimetry. So we call it three-color polynomial), and its corresponding Three-color Map. Based on the three-color map, we then present a mixed multivariate signature scheme named RGB (it means Red–Green–Blue, because the central map of this scheme is a threecolor map, and the 'three-color' stands for RGB in colorimetry), which is a variant of the Unbalanced Oil–Vinegar (UOV) signature scheme. Compared with UOV, each polynomial of the central map of RGBhas more cross-terms among all the variables {Y, Z, T}. The variable Y has much to do with message values.To a certain degree, the variable Y stands for the message values. This means that the message values can be more fully mixed with other variable values in the central map, and the adversary is very difficult to forge the signature. Thus, in theory RGB is more secure than UOV. Through detailed analysis, we find thatRGBcan resist current known algebraic attacks under proper parameters, such as exhaustive search attack, separation attack, MinRank attack and direct attack (other algebraic attacks are inapplicable for RGB). Besides, our experiments show that under choosing the security level of 280, the signing time of Magma implementation of RGB is 0.046 s on an ordinary Linux-PC with 2.50 GHz, and the signing time of its C implementation is ∼0.003 s on an 800MHz machine. The comparisons show that the signing speed of RGB is faster than that of Sflashv2, Quartz, UOV, Rainbow and RSA-1024, and is slightly slower than that of ECDSA-163 and NTRUSign-251. Overall, this new scheme can attain very good performance in terms of security and efficiency. [ABSTRACT FROM AUTHOR]

Published

2016

67. Efficient Generic Construction of CCA-Secure Identity-Based Encryption from Randomness Extraction.

Author

JOONSANG BAEK, WONG, DUNCAN S., JIN LI, and MAN HO AU

Subjects

*CIPHERS, *DATA encryption, *PUBLIC key cryptography, *DATA extraction, *ENCRYPTION protocols

Abstract

We propose a generic construction that yields efficient identity-based encryption (IBE) schemes secure against chosen ciphertext attack (CCA) in the standard model. Our construction extends Kiltz et al.'s (Eurocrypt '09) method of constructing CCA-secure public-key encryption schemes via randomness extraction to the identity-based setting. The main idea of our construction is to transform 'ϵ1ϵ1-almost κκ-entropic' and valid/invalid ciphertext indistinguishable (VI-IND) identity-based hash proof system to the one that satisfies the stronger 'ϵ2ϵ2-universal' and VI-IND property. This transformation is realized by a randomness extractor based on the 4-wise hash function. We demonstrate that our generic construction can produce CCA-secure IBE schemes whose efficiency is comparable with the most efficient but non-generic CCA-secure IBE schemes without random oracles in the literature. [ABSTRACT FROM AUTHOR]

Published

2016

68. Token-Leakage Tolerant and Vector Obfuscated IPE and Application in Privacy-Preserving Two-Party Point/Polynomial Evaluations.

Author

MINGWU ZHANG and YI MU

Subjects

*DATA encryption, *ENCRYPTION protocols, *PUBLIC key cryptography, *CRYPTOSYSTEMS, *CRYPTOGRAPHY

Abstract

In mobile environments, data stored in nodes are subject to side-channel attacks such as power analysis, emitted signal, detected radiation, etc. In this work, we propose a leakage-resilient inner-product encryption that the decryption will succeed if and only if the decryption attribute vector (generate the token) meets the orthogonal encryption attribute vector (obfuscated encryption policy), that is, the match holds that the inner product of two vectors is zero. Propose scheme supports the security of attribute-hiding and leakage-resilient in the standard model. The adversary cannot only issue any token reveal query on non-match vector, but also can request at most ℓ-bit information on the token-leakage query even if the queried vector matches the challenge vector. We prove the security by the technique of dual system encryption in the orthogonal subgroups, to be strongly leakage-resilient and adaptively attribute-hiding. We also deploy our scheme as a building block to devise a secure twoparty point/polynomial evaluation protocol in mobility environments, in which two parties cooperate to evaluate a polynomial in the sense that their sensitive inputs of both point and polynomial are fully preserved. Finally, we assess the performance of leakage resilience including the leakage bound and the leakage fraction (LF). Analysis shows that the leakage bound is approximate (n − 1) log π2 and the LF is about 1/2(1 + ω1 + ω3), where n is the length of vector, π2 is the order of subgroupGπ2 and ω1, ω3 are the constants. We can obtain optimized LF 1/2 − o(1) by varying the sizes of subgroups. [ABSTRACT FROM AUTHOR]

Published

2016

69. Compact Anonymous Hierarchical Identity-Based Encryption with Constant Size Private Keys.

Author

LEYOU ZHANG, YI MU, and QING WU

Subjects

*DATA encryption, *ENCRYPTION protocols, *CIPHERS, *CRYPTOGRAPHY, *CRYPTOSYSTEMS

Abstract

We present a new construction of anonymous hierarchical identity-based encryption (HIBE) over prime order groups. The distinct feature of our proposed scheme is that both private key and ciphertext have a constant size, which has never been achieved in all other existing anonymous HIBE schemes. Moreover, we utilized a double exponent technique to generate the ciphertext in order to provide anonymity. This simple and efficient method allows us to construct a more compact anonymous HIBE in prime order groups. Under the decisional bilinear n + 1-Diffie–Hellman exponent assumption and linear assumption, we show that the proposed scheme is secure and anonymous against chosen plaintext attacks in the standard model. [ABSTRACT FROM AUTHOR]

Published

2016

70. Forward-Secure Threshold Attribute-Based Signature Scheme.

Author

JIANGHONG WEI, WENFEN LIU, and XUEXIAN HU

Subjects

*DIGITAL signatures, *DATA privacy, *COMPUTER access control, *INFORMATION technology security, *DATA encryption

Abstract

In an attribute-based signature (ABS) scheme, each signer is issued a private key according to his/her attributes, and can sign a message with respect to some signing predicate satisfied by his/her attributes. A recipient of the signature can verify that the signature is indeed endorsed by someone that possesses some attributes satisfying the signing predicate, without learning any information about the attributes that are utilized to produce the signature. Since the introduction of ABS, it has been well investigated in recent years. However, there are few works proposed to solve the problem of key exposure in the setting of ABS. In fact, this problem becomes more acute with the increasing tendency that unprotected and mobile devices are more and more popular. To solve the above problem, this work proposes a forward-secure ABS scheme supporting threshold predicates. The proposed scheme is proved secure under the η-Diffie-Hellman Exponent assumption without random oracles, and is also efficient in terms of communication and computation. Furthermore, it is implemented to show its practical applicability. [ABSTRACT FROM AUTHOR]

Published

2015

71. Enhancing an Embedded Processor Core for Efficient and Isolated Execution of Cryptographic Algorithms.

Author

YUMBUL, KAZIM and SAVAŞ, ERKAY

Subjects

*REDUCED instruction set computers, *PUBLIC key cryptography, *DATA encryption, *ADVANCED Encryption Standard, *COMPUTER storage devices, *INFORMATION technology security

Abstract

We propose enhancing a reconfigurable and extensible embedded reduced instruction set computer (RISC) processor core with a protected zone for isolated execution of cryptographic algorithms. The protected zone is a collection of processor subsystems such as functional units optimized for high-speed execution of integer operations, a small amount of local memory for storing sensitive data during cryptographic computations, and special-purpose and cryptographic registers to execute instructions securely. We outline the principles for secure software implementations of cryptographic algorithms in a processor equipped with the proposed protected zone.We demonstrate the efficiency and effectiveness of our proposed zone by implementing the most-commonly used cryptographic algorithms in the protected zone; namely RSA, elliptic curve cryptography, pairingbased cryptography, Advanced Encryption Standard (AES) block cipher, and secure hash algorithm (SHA)-1 and SHA-256 cryptographic hash functions. In terms of time efficiency, our software implementations of cryptographic algorithms running on the enhanced core compare favorably with equivalent software implementations on similar processors reported in the literature. The protected zone is designed in such a modular fashion that it can easily be integrated into any RISC processor. The proposed enhancements for the protected zone are realized on an field programmabel gate array (FPGA) device. The implementation results on the FPGA confirm that its area overhead is relatively moderate in the sense that it can be used in many embedded processors. Finally, the protected zone is useful against cold-boot and micro-architectural side-channel attacks such as cache-based and branch prediction attacks. [ABSTRACT FROM AUTHOR]

Published

2015

72. Revisiting Security Against the Arbitrator in Optimistic Fair Exchange.

Author

YANG WANG, SUSILO, WILLY, and MAN HO AU

Subjects

*ELECTRONIC money, *DIGITAL signatures, *DATA encryption, *ELECTRONIC commerce, *COMPUTER access control

Abstract

The problem to allow two parties (say Alice and Bob) to sign an electronic contract online fairly is an interesting problem and it has been studied for a long time. Optimistic fair exchange (OFE) is an efficient remedy to this problem, which incorporates a semi-trusted third party called arbitrator, who will be called in to resolve a dispute during an exchange between Alice and Bob. It should be noted that the arbitrator is not required to be fully trusted, or else such an entity may not be available in practice. To reduce the trust level of the arbitrator, the requirement that the arbitrator should not be able to produce a full signature without the signer's content has been proposed in literature. Nevertheless, we observe that the existing OFE models do not capture the realistic situation that the arbitrator itself should not be able to generate a partial signature on a new message. This requirement is essential since we only put a partial trust towards the arbitrator, but on the other hand, we also assume that the arbitrator will not do such a forgery. Therefore, to reflect this situation, we propose an enhanced model of OFE that explicitly captures this requirement. We demonstrate the difference between our enhanced model and the existing chosen-key model through a concrete OFE scheme that serves as a counterexample. Since our model is strictly stronger than the existing model, we investigate the security of the existing schemes in our enhanced model. Interestingly, we show that OFE schemes based on verifiably encrypted signature and those based on ring signature can remain secure in our enhanced model given slight modifications to the primitives. [ABSTRACT FROM AUTHOR]

Published

2015

73. Leakage-Free and Provably Secure Certificateless Signcryption Scheme Using Bilinear Pairings.

Author

ISLAM, SK HAFIZUL and FAGEN LI

Subjects

*DATA encryption, *PUBLIC key cryptography, *CIPHERS, *EASTER eggs (Computer programs), *INFORMATION technology security, *DATA security failures

Abstract

Signcryption schemes play a vital role to accomplish confidentiality, integrity, authentication and non-repudiation of messages simultaneously. In the literature, many certificateless signcryption (CLSC) schemes have been designed; however, most of them are vulnerable to ephemeral secret leakage (ESL) attack. In these schemes, sender uses an ephemeral secret to compute a ciphertext on a message. However, there is a possibility to compromise the ephemeral secret, since it is generally precomputed and stored in an insecure device. Furthermore, it is generated by an external source, which can be controlled by an adversary. Thus, from the knowledge of compromised ephemeral secret, an adversary may calculate the private key of the sender and the message from the eavesdropped ciphertext, and this problem is called ESL attack. In this paper, we proposed a leakage-free CLSC, which is secure against ESL attack in the random oracle model. The proposed scheme provides confidentiality under the Co-Bilinear Diffie-Hellman (Co-BDH) assumption and unforgeability based on Co-Computational Diffie-Hellman assumption. [ABSTRACT FROM AUTHOR]

Published

2015

74. Privacy-Preserving Query Processing by Multi-Party Computation.

Author

SEPEHRI, MARYAM, CIMATO, STELVIO, and DAMIANI, ERNESTO

Subjects

*DATA privacy, *INFORMATION technology security, *COMPUTATIONAL complexity, *DATA encryption, *DATA security, *SQL

Abstract

In this paper, we investigate privacy-preserving query processing (P³Q) techniques on partitioned databases, where relational queries have to be executed on horizontal data partitions held by different data owners. In our scenario, data owners use Secure Multi-party Computation (SMC) to compute privacy-preserving queries on entire relation(s) without sharing their private partitions. Our solution is applicable to a subset of SQL query language called SQL-- including selection and equi-join queries. To nicely scale up with large size data, we show that computation and communication costs can be reduced via a novel bucketization technique. We consider the classical notion of query privacy, where the querier only learns query results (and what can be inferred from it), and data owners learn as little as possible (in a computational sense) about the query. To ensure such privacy, our technique involves a trusted party only at the beginning of the protocol execution. Experimental results on horizontally partitioned, distributed data show the effectiveness of our approach. [ABSTRACT FROM AUTHOR]

Published

2015

75. Fully Secure Wicked Identity-Based Encryption Against Key Leakage Attacks.

Author

SHI-FENG SUN, DAWU GU, and ZHENGAN HUANG

Subjects

*INFORMATION technology security, *DATA encryption, *DATA security failures, *CYBERTERRORISM, *PUBLIC key cryptography

Abstract

With the purpose of taking physical attacks into account in security proofs, leakage-resilient cryptography has been initiated. Recently, many leakage-resilient cryptographic primitives have been proposed. In this paper, we put forward the first leakage-resilient wicked identity-based encryption (wicked IBE) scheme. To achieve this goal, we first present a new wicked IBE scheme in the composite order groups. The security proof of this scheme is achieved via the dual system encryption technique. In contrast with existing wicked IBE schemes, the new proposal can be proved fully secure in the standard model, even when the maximum hierarchy depth is a polynomial in the security parameter. Moreover, its security is based on some standard assumptions in the composite groups, which are independent of the hierarchy depth of the scheme. Based on this newly proposed scheme, we then put forward a fully secure leakage-resilient wicked IBE scheme in the bounded memory-leakage model. The leakage here is not only allowed on the user's secret key, but also on the master secret key. Its security is proved in the standard model by a hybrid argument in a sequence of computationally indistinguishable games. To the best of our knowledge, this is the first wicked IBE scheme in the context of leakage resilience. [ABSTRACT FROM AUTHOR]

Published

2015

76. A Generic Method for the Analysis of a Class of Cache Attacks: A Case Study for AES.

Author

SAVAŞ, ERKAY and YILMAZ, CEMAL

Subjects

*CACHE memory, *ADVANCED Encryption Standard, *CYBERTERRORISM, *INFORMATION technology security, *DATA encryption, *CIPHERS

Abstract

In this paper, we present a methodology to evaluate the feasibility, effectiveness and complexity of a class of cache-based side-channel attacks. The methodology provides estimates on the lower bound of the required number of observations on the side channel and the number of trials for a successful attack. As a case study, a weak implementation of the Advanced Encryption Standard algorithm is selected to apply the proposed methodology to three different categories of cachebased attacks; namely, access-driven, trace-driven and time-driven attacks. The approach, however, is generic in the sense that it can be utilized in other algorithms that are subject to the microarchitectural side-channel attacks. The adopted approach bases its analysis method partially on the conditional entropy of secret keys given the observations of the intermediate variables in software implementations of cryptographic algorithms via the side channel and explores the extent to which the observations can be exploited in a successful attack. Provided that the intermediate variables are relatively simple functions of the key material and the known inputs or outputs of cryptographic algorithms, a successful attack is theoretically feasible. Our methodology emphasizes the need for an analysis of this leakage through such intermediate variables and demonstrates a systematic way to measure it. The method allows us to explore every attack possibility, estimate the feasibility of an attack, and compare the efficiency and the costs of different attack strategies to determine an optimal level of effective countermeasures. [ABSTRACT FROM AUTHOR]

Published

2015

77. Public-Key Encryption Schemes with Bounded CCA Security and Optimal Ciphertext Length Based on the CDH and HDH Assumptions.

Author

PEREIRA, MAYANA, DOWSLEY, RAFAEL, NASCIMENTO, ANDERSON C. A., and HANAOKA, GOICHIRO

Subjects

*PUBLIC key cryptography, *CIPHERS, *CYBERTERRORISM, *INFORMATION technology security, *PROBABILISTIC databases, *DATA encryption

Abstract

In Cramer et al. (2007, Bounded CCA2-Secure Encryption. In Kurosawa, K. (ed.), Advances in Cryptology - ASIACRYPT 2007, Kuching, Malaysia, December 2-6, Lecture Notes in Computer Science, Vol. 4833, pp. 502-518. Springer, Berlin, Germany) proposed a public-key encryption scheme secure against adversaries with a bounded number of decryption queries based on the decisional Diffie-Hellman problem. In this paper, we show that the same result can be obtained based on weaker computational assumptions, namely: the computational Diffie-Hellman and the hashed Diffie-Hellman assumptions. [ABSTRACT FROM AUTHOR]

Published

2015

78. Efficient and Fully CCA Secure Conditional Proxy Re-Encryption from Hierarchical Identity-Based Encryption.

Author

KAITAI LIANG, SUSILO, WILLY, LIU, JOSEPH K., and WONG, DUNCAN S.

Subjects

*DATA encryption, *CLOUD computing, *DATA warehousing, *INFORMATION technology security, *HIERARCHICAL storage management (Computers), *CIPHERS

Abstract

A proxy re-encryption (PRE) allows a data owner to delegate the decryption rights of some encrypted data stored on the cloud without revealing the data to an honest-but-curious cloud service provider (i.e. the PRE proxy). Furthermore, the data owner can offload most of the computational operations to the cloud service provider and hence, usingPREfor encrypted cloud data sharing can be very effective even for data owners using limited resource devices (e.g. mobile devices). However, PRE schemes only enables data owners to delegate the decryption rights of all their encrypted data. A more practical notion is a conditional PRE (CPRE) that allows us to specify under what condition the decryption of an encrypted data can be delegated, for example, only sharing all the encrypted files under a directory called 'public'. In this paper, we provide an affirmative result on the long-standing question of building a full chosen-ciphertext attacks (CCA)-secure CPRE system in the standard model and for the first time, we show that a class of Hierarchical Identity-Based Encryption (HIBE) schemes can be transferred to building a CCA-secure CPRE in the standard model.We also list out some concrete HIBE schemes which fall into this class, e.g., Lewko-Waters HIBE. All existing CCA-securePRE schemes in the standard model are not conditional while all existing CPRE schemes are either not CCA secure or not in the standard model. By instantiating our generic HIBE-based transformation, we show that an efficient and concrete CPRE scheme which is both CCA secure in the standard model and conditional can be built. [ABSTRACT FROM AUTHOR]

Published

2015

79. Generalized Random Grid-Based Visual Secret Sharing for General Access Structures.

Author

CHUNFENG LIAN, LIAOJUN PANG, and JIMIN LIANG

Subjects

*INFORMATION technology security, *COMPUTER access control, *NONLINEAR codes, *DATA encryption, *DATA warehousing

Abstract

A conventional matrix-based visual secret sharing scheme has the drawbacks of pixel expansion and the requirement of predetermined sophisticated codebooks. A random grid-based visual secret sharing (RGVSS) scheme is an effective approach to solving these two problems. However, up to now, most of the existing publications about the RGVSS scheme deal with the threshold access structures, while there is hardly any appropriate method to construct the RGVSS scheme for general access structures (GASs). In this paper, a novel method to construct a generalized RGVSS (GRGVSS) scheme for GASs is proposed. The construction algorithm consists of two parts. In the first part, a more general (n, n)-GRGVSS scheme is proposed; in addition, the visual quality of the reconstructed secret image for this GRGVSS scheme is formally analyzed. In the second part, we utilize this (n, n)- GRGVSS to construct the GRGVSS scheme for given GASs by treating the procedure as a nonlinear 0-1 programming model. In the experimental phase, by changing the given preconditions, we analyze the security of the proposed scheme and assess the visual quality of the recovered secret images for the proposed scheme under different situations. The simulation results show that the proposed GRGVSS scheme for GASs is feasible and efficient. [ABSTRACT FROM AUTHOR]

Published

2015

80. Generic Construction of Certificate-Based Encryption from Certificateless Encryption Revisited.

Author

WEI GAO, GUILIN WANG, XUELI WANG, and KEFEI CHEN

Subjects

*PUBLIC key cryptography, *DATA encryption, *CERTIFICATE authority, *INFORMATION technology security, *COMPUTER access control

Abstract

Certificateless public key encryption (CLE) and certificate-based encryption (CBE) are motivated to simultaneously solve the heavy certificate management problem inherent in the traditional public key encryption (PKE) and the key escrow problem inherent in the identity-based encryption (IBE). Al-Riyami and Paterson proposed a general conversion from CLE to CBE, which is neat and natural. Kang and Park pointed out a flaw in their security proof. Wu et al. proposed another generic conversion from CLE to CBE which additionally involves collision resistant hash functions. It remains an open problem whether the generic conversion due to Al-Riyami and Paterson is provably secure or not. We are motivated to solve this open problem. Our basic idea is to enhance Type II adversary's power a little by allowing it to conditionally replace a user's public key. We first formalize a new security model of CLE in this way. Then, we succeed in proving that the Al-Riyami-Paterson generic conversion from CLE to CBE is secure, if the CLE scheme is secure in our new security model. Finally, a concrete provably secure CBE scheme is presented to demonstrate the applicability of our result. [ABSTRACT FROM AUTHOR]

Published

2015

81. Cryptanalysis of WG Family of Stream Ciphers.

Author

LIN DING, CHENHUI JIN, JIE GUAN, SHAOWU ZHANG, TING CUI, DONG HAN, and WEI ZHAO

Subjects

*DATA encryption, *STREAM ciphers, *CYBERTERRORISM, *HARDWARE Trojans (Computers), *COMPUTATIONAL complexity

Abstract

The well-known Welch-Gong (WG) stream cipher, proposed by Nawaz and Gong in 2005, was submitted to the hardware profile of the eSTREAM project. In the last several years, the original WGhas come under several cryptanalytic attacks. However, as for the final version ofWG, no attack has been published on it until now. In this paper, an efficient key recovery attack on the final WG stream cipher in the related key setting is proposed. Under related keys, we can recover the 128-bit secret key of WG-128 with a time complexity of 289 and a memory complexity of 245. The success probability of the attack is 0.6321. This result shows that our attack on WG-128 is much better than an exhaustive key search in the related key setting. Furthermore, our cryptanalytic results show that WG with IV size no less than 80 bits is vulnerable to a related key attack. The main feature of our attack is that it is independent of the number of steps in the key/IV setup ofWG, and then increasing the number of steps in the key/IV setup cannot strengthen the resistance of WG against a related key attack. Finally, a recommended approach to repair the weakness and strengthen the resistance of WG against a related key attack is presented. [ABSTRACT FROM AUTHOR]

Published

2015

82. Revocable Group Signature with Constant-Size Revocation List.

Author

ATTRAPADUNG, NUTTAPONG, EMURA, KEITA, GOICHIRO HANAOKA, and YUSUKE SAKAI

Subjects

*GROUP signatures (Computer security), *MULTIUSER channels, *PUBLIC key cryptography, *INFORMATION technology security, *DATA encryption

Abstract

It is essential that a multi-user cryptographic primitive be revocable since a legitimate user may quit the organization, or may act on malicious intent, or the relevant key may be leaked. In the group signature context, usually the group manager publishes the revocation list that contains revocation tokens. Since signers/verifiers need to obtain the revocation list in each revocation epoch to generate/verify a group signature, a small-size revocation list is really important in practice. However, all previous revocable group signatures require at least an O(r)-size revocation list, where r is the number of revoked users. In this paper, we propose the first revocable group signature scheme with a constant-size revocation list using identity-based revocation (IBR) techniques. We use an IBR scheme proposed by Attrapadung-Libert-Panafieu (PKC 2011) as a building block. As in the Libert-Peters-Yung schemes (EUROCRYPT 2012/CRYPTO 2012), no signing key update is required. In addition, the verification cost does not depend on the number of revoked users r. Although the maximum number of revoked users needs to be fixed in the setup phase, the maximum number of group members is potentially unbounded as in IBR. This property has not been achieved in the recent scalable revocable group signature schemes and seems to be of independent interest. [ABSTRACT FROM AUTHOR]

Published

2015

83. PKE-AET: Public Key Encryption with Authorized Equality Test.

Author

KAIBIN HUANG, RAYLIN TSO, YU-CHI CHEN, RAHMAN, SK MD MIZANUR, ALMOGREN, AHMAD, and ALAMRI, ATIF

Subjects

*PUBLIC key cryptography, *PUBLIC key infrastructure (Computer security), *CIPHERS, *MULTIUSER channels, *DATA encryption, *INFORMATION technology security

Abstract

In this paper, we propose a new notion of public key encryption scheme with authorized equality test (PKE-AET), which allows authorized users those who have warrants to test the equivalence between two messages, where the messages are encrypted using different public keys. Comparing with the existing researches, our PKE-AET provides two kinds of warrants that are referred to as receiver's warrants and cipher-warrants. The proposed PKE-AET is able to deal with the following complicated scenario: Assume that a receiver authorizes a receiver's warrant to a tester, which makes the tester be able to perform equality test on all of receivers' ciphertext; on the other hand, if receiver authorizes a cipher-warrant corresponding to a specific ciphertext to the tester, then the tester only acquires the equality test on that particular ciphertext. The equality between two ciphertexts can be verified by the tester without decryption after he or she receives two warrants and varies their validations. Moreover, for security analysis, we define two types of adversaries and security notions for PKE-AET in the multi-user setting. Furthermore, we prove that our PKE-AET is one-way CCA secure against type-I adversaries and IND-CCA secure against type-II adversaries. Finally, the proposed scheme leads better efficiency than most of previous equality test schemes. [ABSTRACT FROM AUTHOR]

Published

2015

84. S-DIRECT: Scalable and Dynamically Reconfigurable TCAM Architecture for High-Speed IP Lookup.

Author

AYYILDIZ, NIZAM, SCHMIDT, ECE GÜRAN, and GÜRAN, HASAN CENGIZ

Subjects

*INTERNET protocols, *COMPUTER storage devices, *COMPUTER input-output equipment, *DATA encryption, *FIELD programmable gate arrays

Abstract

IP address lookup modules for backbone routers should store 100Ks of entries, find the longest prefix match (LPM) for each incoming packet at 10s of Gbps line speed and support thousands of lookup table (LUT) updates each second. It is desired that these updates are non-blocking, that is without disrupting the ongoing lookups. Furthermore, considering the increasing line rates and table sizes, the scalability of the design is very important. Ternary content-addressable memory (TCAM) architectures are widely deployed for hardware IP lookup. In this paper, we propose a novel TCAM architecture, S-DIRECT-Scalable and Dynamically REConfigurable TCAM, that is custom designed for hardware IP lookup. S-DIRECT consists of hierarchically combined TCAM cells with inherent priority encoders (PEs) to support LPM. Hence, its design is scalable without any need for a separate PE or a redesign for different table size. Furthermore, S-DIRECT can perform constant time, non-blocking updates in hardware provided that certain write capabilities are present in the TCAM entries. S-DIRECT architecture is both independent of the hardware platform and the implementation of the TCAM cells. We demonstrate the generality and viability of S-DIRECT by implementing it both with prefix/mask register and LUT-based TCAM cells on FPGA. [ABSTRACT FROM AUTHOR]

Published

2015

85. From Ephemerizer to Timed-Ephemerizer: Achieve Assured Lifecycle Enforcement for Sensitive Data.

Author

QIANG TANG

Subjects

*DATA encryption, *BACK up systems, *CRYPTOGRAPHY, *DATA security, *DATA warehousing, *INTERNET protocols

Abstract

The concept of Ephemerizer, proposed by Perlman, is a cryptographic primitive for assured data deletion. With an Ephemerizer protocol, data in persistent storage devices will always be encrypted simultaneously using an ephemeral public key of the Ephemerizer (an entity that will publish a set of ephemeral public keys and periodically delete the expired ones) and the long-term public key of a user. An Ephemerizer protocol enables the user to securely decrypt the encrypted data without leaking any information to the Ephemerizer. So far, no security model has ever been proposed for this primitive and existing protocols have not been studied formally. Not surprisingly, we show that some existing Ephemerizer protocols possess security vulnerabilities. In this paper, we review the notion of Timed-Ephemerizer, which can be regarded as a hybrid primitive by combining Ephemerizer and timed-release encryption. Compared with an Ephemerizer protocol, a Timed-Ephemerizer protocol further guarantees that data will only be released after a pre-defined disclosure time. Moreover, we revisit a security model for Timed-Ephemerizer and adapt it for Ephemerizer. We also revise a previous Timed-Ephemerizer protocol by Tang and prove its security in the security model. [ABSTRACT FROM AUTHOR]

Published

2015

86. Public Key Encryption with Delegated Equality Test in a Multi-User Setting.

Author

SHA MA, MINGWU ZHANG, QIONG HUANG, and BO YANG

Subjects

*PUBLIC key cryptography, *DATA encryption, *INTERNET protocols, *DATA security, *APPLICATION software

Abstract

Probabilistic public key encryption with equality test (PKEET), introduced by Yang et al. in CTRSA 2010, is able to check whether two ciphertexts are encryptions of the same message under different public keys without leaking anything else about the message encrypted under either public key. PKEET schemes have many applications, for example, in constructing searchable encryption and partitioning encrypted data. Previous PKEET schemes lack a delegation mechanism for users to specify who can perform the equality test between their ciphertexts. In this paper, we propose the notion of public key encryption with delegated equality test (PKE-DET), which requires only the delegated party to deal with the work in a practical multi-user setting, and present a concrete construction in Type 2 pairing, which is provably secure under the newly introduced security notions. [ABSTRACT FROM AUTHOR]

Published

2015

87. Efficient Identity-Based Proxy Signature in the Standard Model.

Author

KE GU, WEIJIA JIA, and CHUNLIN JIANG

Subjects

*DIGITAL signatures, *COMPUTER network security, *DATA encryption, *COMPUTER access control, *ORACLE software, *CRYPTOGRAPHY

Abstract

Presently, many identity-based proxy signature (IBPS) schemes have been proposed, but most of them are constructed in the random oracle model. Also, the proposed security model for IBPS is not enough complete according to Boldyreva's work. Cao and Cao proposed an IBPS scheme in the standard model. However, their scheme is not secure because of not resisting the attack of delegator and requires more computation cost. In this paper, we present a framework for IBPS and show a detailed security model for IBPS. Under our framework, we present an efficient IBPS scheme in the standard model. Compared with other IBPS schemes, the proposed scheme has more complete security and is more efficient. [ABSTRACT FROM AUTHOR]

Published

2015

88. Functional Encryption Resilient to Hard-to-Invert Leakage.

Author

MINGWU ZHANG, CHUNZHI WANG, TSUYOSHI TAKAGI, and YI MU

Subjects

*DATA encryption, *CIPHERS, *DATA security, *CLOUD computing, *COMPUTER passwords, *COMPUTER access control

Abstract

Functional encryption (FE) systems provide a flexible and expressive encryption mechanism that private keys and ciphertexts are associated with attributes ... and predicate formulae Γ and decryption are possible whenever keys and ciphertexts are related, i.e. Γ(...) = 1. In this work, we put forward a leakage-resilient FE scheme against the amount of leakage output over a hard-to-invert function family. In our scheme, the encryption policy is specified as an arbitrary monotonic formula, and the adversary can learn the arbitrary length output of the master key and the private key from any computationally irreversible function with the input (master) keys. To improve the efficiency, we employ the set of minimal sets to describe the predicate formula or access structure, and initiate the formal model of leakage-resilient FE, which is a generic extension of identity-based encryption and attribute-based encryption in the presence of key leakage with auxiliary inputs.We provide the concrete construction in bilinear groups of composite order, and prove the adaptively leakage-resilient security in the standard model based on static assumptions. Our hard-to-invert leakage resilience employs the Goldreich-Levin theorem and its extension as a hard-core value over large fields.We also give an extensional construction in the case of obtaining the hard-to-invert randomness leakage of the encryption, which uses a strong extractor to prevent leakage of randomness and a hard-to-invert encryption to prevent the leakage of the key. Finally, we analyze and discuss the stepped-up security on master leakage and continual leakage, and the lower bound of the irreversible leakage function. [ABSTRACT FROM AUTHOR]

Published

2015

89. Extend the Concept of Public Key Encryption with Delegated Search.

Author

QIANG TANG, HUA MA, and XIAOFENG CHEN

Subjects

*PUBLIC key cryptography, *DATA encryption, *CLIENT/SERVER computing, *DATA transmission systems, *CLOUD computing, *DATA security

Abstract

We revisit the concept of public key encryption with delegated search (PKEDS), a concept proposed by Ibraimi et al. A PKEDS scheme allows a receiver to authorize a third-party server to search in two ways: either according to a message chosen by the server itself or according to a trapdoor sent by the receiver. We first show some observations on the primitive formulation and the proposed PKEDS scheme by Ibraimi et al. and point out that the single-server setting may limit the application of this primitive. We then extend the concept to the multiple-server setting and present a new security model. We finally propose a new PKEDS scheme, which is proven secure, and compare it with that by Ibraimi et al. [ABSTRACT FROM AUTHOR]

Published

2015

90. Automated Proofs for Computational Indistinguishability.

Author

Ngo, Long, Boyd, Colin, and Nieto, Juan González

Subjects

*PROOF theory, *DATA encryption, *COMPUTER security, *CRYPTOGRAPHY, *COMPUTERS

Abstract

We present a tool for automatic analysis of computational indistinguishability between two strings of information. This is designed as a generic tool for proving cryptographic security based on a formalism that provides computational soundness preservation. The tool has been implemented and tested successfully with several cryptographic schemes. [ABSTRACT FROM PUBLISHER]

Published

2014

91. On Unconditional ϵ-Security of Private Key Encryption.

Author

Jiang, Shaoquan

Subjects

*DATA encryption, *INFORMATION theory, *CRYPTOGRAPHY research, *ENTROPY (Information theory), *DATA security

Abstract

Motivated by perfect guessing security for private key encryption by Alimomeni and Safavi-Naini (ICITS 2012), we study the relations between various unconditional ε-security notions, including $\epsilon$-guess security, ε-min entropic security and ε-Shannon security. We characterize the relations between these security notions. Our results stem from the essential mathematical properties of the underlying measures (i.e. guessing probability, min entropy and Shannon mutual information). We also prove the lower bound on either key entropy or key size or key min entropy for these models. Our results show that the ε-security under these models has a large key size or (min) entropy and hence impossible to be efficient. [ABSTRACT FROM PUBLISHER]

Published

2014

92. Signcryption Secure Against Linear Related-Key Attacks.

Author

Cui, Hui, Mu, Yi, and Au, Man Ho

Subjects

*CRYPTOGRAPHY research, *DATA encryption, *DATA security, *COMPUTER security, *COMPUTER network security

Abstract

A related-key attack (RKA) occurs when an adversary tampers the private key stored in a cryptographic hardware device, and observes the result of the cryptographic primitive under this modified private key. In this paper, we consider the security of signcryption schemes under linear RKAs, where an adversary is allowed to tamper the private keys of the receiver and the sender, and subsequently observe the outcome of a signcryption system under these modified private keys of both parties. We define two security notions for RKA-secure signcryption schemes: chosen ciphertext RKA and chosen message RKA. We require that a signcryption scheme remains secure even when an adversary is allowed to access the designcryption oracle and the signcryption oracle on linear shifts of the private keys of the receiver and the sender, respectively. After reviewing some basic definitions related to our construction, we give a specific signcryption scheme from bilinear Diffie–Hellman which is secure against RKAs. Furthermore, we extend the security model of signcryption with anonymity, where the ciphertext is anonymous to others except the real receiver given the honest sender and the honest receiver. Fortunately, with a trivial modification to the original signcryption scheme, our proposed signcryption scheme can protect the privacy of both the sender and the receiver. [ABSTRACT FROM PUBLISHER]

Published

2014

93. CCA-Secure IB-KEM from Identity-Based Extractable Hash Proof System†.

Author

Chen, Yu, Zhang, Zongyang, Lin, Dongdai, and Cao, Zhenfu

Subjects

*COMPUTER security research, *PROOF theory, *PUBLIC key cryptography, *CRYPTOGRAPHY, *DATA encryption

Abstract

In this paper, we introduce a general paradigm called identity-based extractable hash proof system (IB-EHPS), which is an extension of extractable hash proof system (EHPS) proposed by Wee (CRYPTO'10). We show how to construct identity-based key encapsulation mechanism (IB-KEM) from IB-EHPS in a simple and modular fashion. Our construction provides a generic method of building and interpreting CCA-secure IB-KEMs based on computational assumptions. As instantiations, we realize IB-EHPS from the bilinear Diffie–Hellman assumption and the modified bilinear Diffie–Hellman assumption, respectively. Besides, we carefully investigate the relation between EHPS and IB-EHPS, and indicate possible refinement and generalization of EHPS. [ABSTRACT FROM PUBLISHER]

Published

2014

94. Comments on 'Efficient Revocable Certificateless Encryption Secure in the Standard Model'.

Author

Ying-Kai Tang, Chow, Sherman S. M., and Liu, Joseph K.

Subjects

*DATA encryption, *REVOCATION, *CYBERTERRORISM, *DATA security, *PROBLEM solving

Abstract

Certificateless encryption (CLE) can be used to prevent the key generation centre from decrypting ciphertexts (which addresses the key escrow problem of identity-based encryption), but it cannot provide user revocation mechanism by default. A revocable CLE scheme was proposed by Shen et al. (2014. Efficient revocable certificateless encryption secure in the standard model. Comput. J., 57, 592-601) which realizes the revocation by requiring a time key in the decryption process. Despite of their security proofs, this paper shows an attack of their revocation mechanism. [ABSTRACT FROM AUTHOR]

Published

2015

95. Insecurity of an Efficient Identity-Based Proxy Signature in the Standard Model.

Author

DEBIAO HE, MINGWU ZHANG, and BAOWEN XU

Subjects

*INFORMATION technology security, *DIGITAL signatures, *DATA encryption, *PUBLIC key cryptography, *DATA security failures, *CYBERTERRORISM

Abstract

Recently, Gu et al. proposed an efficient identity-based proxy signature scheme and demonstrated their scheme was provably secure in the standard model. In this paper, we show their scheme is not secure against the malicious user through proposing three concrete attacks. [ABSTRACT FROM AUTHOR]

Published

2015