Your search keyword '"DATA encryption"' showing total 22 results

1. Detecting malicious encrypted traffic with privacy set intersection in cloud-assisted industrial internet.

Author

Feng, Jingyu, Zhang, Jing, Zhang, Wenbo, and Han, Gang

Subjects

*DATA encryption, *INDUSTRIALIZATION, *DATA privacy, *CLOUD computing, *INTERNET

Abstract

Encryption technology provides the ability of confidential transmission to ensure the security of Industrial Internet communication, but it makes detecting malicious encrypted traffic very difficult. To resolve the conflict between the difficulty of malicious encrypted traffic detection and the requirements of traffic privacy protection, we propose a cloud-assisted Industrial Internet malicious encrypted traffic detection scheme with privacy protection. To accurately match the encrypted traffic and the detection rules, a privacy set intersection protocol based on the oblivious pseudorandom function and random garbled Bloom filter is constructed, which can detect malicious traffic without revealing data content. Meanwhile, our scheme can allow semi-trusted cloud servers to assist resource-constrained end devices to participate in private calculations. The key-homomorphic encryption is introduced to obfuscate the detection rules, making the detection rules always transparent to end users and semi-trusted cloud servers. We also design the random input verification to make the malicious end users do not have any opportunity to participate in the privacy set intersection calculation using arbitrary data. The scheme analysis and performance evaluation results show that our scheme can effectively guarantee the security of encrypted traffic detection with better detection performance and limited resource consumption. [ABSTRACT FROM AUTHOR]

Published

2024

2. Statistical privacy protection for secure data access control in cloud.

Author

Baseri, Yaser, Hafid, Abdelhakim, Firoozjaei, Mahdi Daghmehchi, Cherkaoui, Soumaya, and Ray, Indrakshi

Subjects

*CLOUD computing, *DATA privacy, *DATA protection, *ACCESS control, *DATA encryption

Abstract

Cloud Service Providers (CSP s) allow data owners to migrate their data to resource-rich and powerful cloud servers and provide access to this data by individual users. Some of this data may be highly sensitive and important and CSP s cannot always be trusted to provide secure access. It is also important for end users to protect their identities against malicious authorities and providers, when they access services and data. Attribute-Based Encryption (ABE) is an end-to-end public key encryption mechanism, which provides secure and reliable fine-grained access control over encrypted data using defined policies and constraints. Since, in ABE , users are identified by their attributes and not by their identities, collecting and analyzing attributes may reveal their identities and violate their anonymity. Towards this end, we define a new anonymity model in the context of ABE. We analyze several existing anonymous ABE schemes and identify their vulnerabilities in user authorization and user anonymity protection. Subsequently, we propose a Privacy-Preserving Access Control Scheme (PACS) , which supports multi-authority, anonymizes user identity, and is immune against users collusion attacks, authorities collusion attacks and chosen plaintext attacks. We also propose an extension of PACS , called Statistical Privacy-Preserving Access Control Scheme (SPACS) , which supports statistical anonymity even if malicious authorities and providers statistically analyze the attributes. Lastly, we show that the efficiency of our scheme is comparable to other existing schemes. Our analysis show that SPACS can successfully protect against Collision Attacks and Chosen Plaintext Attacks. [ABSTRACT FROM AUTHOR]

Published

2024

3. Dynamic-anonymous privacy-preserving authenticated aggregation for safety-warning system for the Internet of Vehicles.

Author

Verma, Girraj Kumar, Wani, Nahida Majeed, Rana, Saurabh, Kumar, Neeraj, and Tiwari, Asheesh

Subjects

*INFORMATION sharing, *DATA privacy, *DATA protection, *DATA security, *DATA encryption

Abstract

Currently, the connectivity of vehicles using the latest communication and computing technologies has grown as the Internet of Vehicles (IoV). IoV has been utilized to foster an easy traffic flow by sharing safety-warning messages. However, authentication and confidentiality of shared information is a challenging issue. To solve the problem, various privacy-preserving authenticated data-aggregation schemes have been devised. However, existing schemes have shortcomings specifically concerning a heavy computational cost, and the need for a secure channel. Besides, static pseudonyms may increase the risk of a vehicle's privacy leakage. In response to these challenges, this study introduces a new pairing-less and secure privacy-preserving authenticated data aggregation (PLS-PPADA) scheme. Leveraging the pairing-less and certificate-based setting, the PLS-PPADA scheme emerges as a robust, efficient, and effective solution for safety-warning systems in IoV. Further, to resolve the risk of privacy leakage due to static pseudonyms, the paradigm of fuzzy identity has been utilized. Thus, it achieves efficiency and dynamic anonymity and also does not require a secure channel for key sharing. A comprehensive security analysis underscores its effective data protection capabilities and efficiency comparison presents it as a compelling alternative to existing state-of-the-art schemes. [ABSTRACT FROM AUTHOR]

Published

2024

4. PCPHE: A privacy comparison protocol for vulnerability detection based on homomorphic encryption.

Author

Lv, Lieyu, Xiong, Ling, and Li, Fagen

Subjects

*DATA encryption, *HOMOMORPHISMS, *DATA privacy, *DATA security, *COMPUTER crimes

Abstract

Nowadays, many security service providers have their own vulnerability databases and consider them as corporate property. How to ensure the normal use of client while protecting the privacy of these assets has become a problem that needs to be solved. This paper mainly introduces a privacy comparison protocol based on BGN and a version number standardization method, which can be used in scenarios of vulnerability database privacy comparison. Our scheme PCPHE adds random offsets and special preprocessing to avoid common factor attacks that may occur in privacy comparison, while ensuring that client does not know the specific vulnerability database content of the security service provider in a limited number of queries. [ABSTRACT FROM AUTHOR]

Published

2024

5. Designated server proxy re-encryption with boolean keyword search for E-Health Clouds.

Author

Hu, Boli, Zhang, Kai, Gong, Junqing, Wei, Lifei, and Ning, Jianting

Subjects

*DATA encryption, *CLOUD computing, *INFORMATION services, *DATA security, *DATA privacy

Abstract

E-Health Cloud can provide remote, accurate, real-time, intelligent information services for healthcare. Despite the benefits brought by data outsourcing, it may also cause data breaches and compromise user privacy. Searchable encryption can provide data security and search services in the encrypted data domain. However, in E-Health Cloud, users may have some other special needs, such as sharing their health information with doctors during the treatment period and updating the data access right when they transfer from one hospital to another. Some works introduced the primitive proxy re-encryption with public keyword search (Re-PEKS) to meet the above needs. However, the state-of-the-art solutions cannot support expressive boolean query, and its search cost time increases linearly with total number of outsourced documents, this is very impractical in huge E-Health Cloud system. An efficient Re-PEKS scheme termed PRTDs is proposed in this article to address this problem. PRTDs supports sub-linear boolean query, time controlled data sharing, and re-encryption to change data users simultaneously. To compare PRTDs with the most advanced time-enabled Re-PEKS scheme, we also implement exhaustive comparative experiments on HUAWEI Cloud with the Enron dataset, and the results show that PRTDs has a better performance on encryption and searching. [ABSTRACT FROM AUTHOR]

Published

2024

6. A Pairing-free Dynamic Multi-receiver Certificateless Authenticated Searchable Encryption for cloud storage.

Author

Chenam, Venkata Bhikshapathi and Ali, Syed Taqi

Subjects

*CLOUD storage, *DATA encryption, *DATA privacy, *COMPUTER access control, *CRYPTOGRAPHY

Abstract

In the current age of constrained local storage capacity, ensuring the security and privacy of user data against unauthorized third-party access has grown significantly more vital. Searchable Encryption (SE) has arisen as a promising method for preserving the confidentiality of user data while also enabling efficient search capabilities. Certificateless Searchable Encryption (CLSE) stands out among a range of SE cryptosystems by effectively addressing issues related to certification management and key escrow. Nevertheless, the majority of current CLSE approaches heavily depend on computationally intensive bilinear pairings and do not offer robust support for conjunctive keyword searches in multi-receiver scenarios. To address these limitations, we propose a Pairing-free Dynamic Multi-receiver Certificateless Authenticated Searchable Encryption (PDMCLASE) scheme. PDMCLASE focuses on three essential features: (1) Dynamic multi-receiver functionality, enabling new data receivers to access documents while revoking access for existing receivers; (2) Conjunctive subset keyword search, empowering data receivers to perform efficient conjunctive searches on subsets of keywords; and (3) Data sender authentication, ensuring the authenticity of keyword encryption by the data sender. Furthermore, PDMCLASE attains keyword privacy by leveraging elliptic curve hardness problems within the standard model. Through our performance analysis, we establish that PDMCLASE not only delivers improved functionality but also demonstrates reduced computational overhead when compared to alternative schemes. [ABSTRACT FROM AUTHOR]

Published

2024

7. Ciphertext face recognition system based on secure inner product protocol.

Author

Li, Xuelian, Chen, Zhuohao, and Gao, Juntao

Subjects

*FACE perception, *DATA encryption, *COMPUTER security, *DATA privacy, *PRIVACY

Abstract

User privacy data leakage is a major weakness of current plaintext face recognition systems. This article combines Pallier homomorphic encryption algorithm with inner product protocol and face recognition to construct a ciphertext face recognition system based on inner product protocol. Firstly, we integrate the Pallier homomorphic encryption algorithm into the inner product protocol process and design a secure inner product protocol. Through simulation experiments, it can be seen that the time and communication costs of the secure inner product can be reduced to and respectively at the expense of a portion of the applicable scope, where is the vector length. Secondly, we provide specific steps for combining FaceNet face recognition algorithm with secure inner product protocol, then design a ciphertext face recognition system that does not require a trusted third party and analyze its correctness, security and time cost. Through experiments, it can be concluded that the accuracy of plaintext face recognition and ciphertext face recognition on the test set is 98.78% and 98.78%, respectively. The application of Pallier homomorphic encryption algorithm has not affected its recognition performance, which means that the system can provide high accuracy face recognition services while protecting user privacy. [ABSTRACT FROM AUTHOR]

Published

2024

8. A novel compression-based 2D-chaotic sine map for enhancing privacy and security of biometric identification systems.

Author

Rahman, Mobashshirur, Murmu, Anita, Kumar, Piyush, Moparthi, Nageswara Rao, and Namasudra, Suyel

Subjects

*BIOMETRIC identification, *DATA privacy, *DATA encryption, *STATISTICAL correlation, *COMPARATIVE studies

Abstract

Human biometric images are utilized for cell phone authentication, airport security, and biometric passports. To improve the biometric identification process, this should be protected from cyber attackers because it is sensitive to any minor changes. Thus, security is a major concern in biometric images. Traditional encryption and compression methods are ineffective for encrypting biometric images due to their high execution time and algorithm complexity. In this paper, a novel 2D chaotic sine map is proposed for generating encryption keys and improving security for biometric identification systems. The proposed scheme uses the 2D chaotic map to generate the private key and diffusion process. Here, the Hénon-Sine Map (HSM-512), Secure Hash Algorithm (SHA-256), and DNA computing are also used in the key generation process. The pixel values of the original images in the proposed schemes are shuffled using Mersenne Twister (MT) to improve the security of biometric images. Moreover, the Differential Huffman Compression (DHC) method is used for lossless compression while performing the XOR-based encryption process. The proposed model has been tested on different RGB biometric images, namely the SOCOFing dataset and the COVID-19 chest X-ray dataset. The experiment results have been evaluated using many performance metrics, such as entropy, key space, histogram analysis, key sensitivity, robustness analysis, correlation, and similarity analysis. The outcomes demonstrate that the proposed scheme is more effective than the state-of-the-art schemes. • A 2D-Chaotic Sine Map is used to boost security in biometric identification. • Moreover, Hénon-Sine map and DNA computing are used for secure key generation. • Diffusion and confusion with Differential Huffman Compression are used to cipher images. • Extensive comparative analysis is shown to validate performance of proposed model. [ABSTRACT FROM AUTHOR]

Published

2024

9. Blockchain-based public key encryption with keyword search for medical data sharing in cloud environment.

Author

Banik, Mandira and Kumar, Sanjay

Subjects

*ELECTRONIC health records, *INFORMATION sharing, *DATA privacy, *BLOCKCHAINS, *DATA encryption

Abstract

The cloud-based sharing of electronic health data (EHDs) has great significance in researching diseases, doctors' diagnoses and various fields. In this paper, we applied the potentiality of both blockchain and public key searchable encryption to build a medical data-sharing platform. In recent years, blockchain has emerged as a promising solution for medical data sharing with security and privacy preservation due to its immutability, decentralization, anonymity and verifiability advantages. Two kinds of blockchains, private blockchain and consortium blockchain, are used in our model. In our model, we have designed a consortium blockchain of preselected users. To achieve data security, access control, privacy preservation and secure search, public key encryption with keyword search (PEKS) technology is used here. According to the security proof, our proposed scheme is indistinguishable under the keyword guessing attack. The outcomes of the performance analysis and comparison simulations reveal that the proposed scheme performs better than other related schemes. [ABSTRACT FROM AUTHOR]

Published

2023

10. Conditional privacy-preserving authentication scheme for V2V communication without pseudonyms.

Author

Wang, QingLong, Li, YongYong, Tan, ZhiQiang, Fan, Na, and Yao, GuDi

Subjects

*COMPUTER access control, *ANONYMS & pseudonyms, *DATA privacy, *COMPUTER network security, *DATA encryption

Abstract

Pseudonym is widely used in conditional privacy-preserving authentication (CPPA) scheme for vehicle-to-vehicle (V2V) communication in vehicular ad hoc networks (VANETs) in order to protect user's privacy. The main disadvantage of pseudonym-based CPPA schemes is that the pseudonym has to be frequently updated, which puts a heavy burden on VANETs, due to linkage-attack. To solve this problem, we proposed a CPPA scheme for V2V communication without involving pseudonyms. The vehicle does not use any pseudonym in the proposed scheme, therefore it is immune to pseudonym updating and management problems. Moreover, the scheme enables secure V2V communication, which means that only legal vehicles have access to the transmitted messages. Security analysis shows that the scheme supports secure properties of anonymity, unlinkability, non-repudiation, message integrity, traceability, and revocation. Performance analysis and extensive simulations show that the scheme is computationally efficient and has the lowest average message delay among compared schemes. [ABSTRACT FROM AUTHOR]

Published

2023

11. Role mining under User-Distribution cardinality constraint.

Author

Blundo, Carlo and Cimato, Stelvio

Subjects

*DATA mining, *ACCESS to information, *DATA encryption, *COMPUTER security, *DATA privacy

Abstract

Role-based access control (RBAC) defines the methods complex organizations use to assign their users permissions for accessing restricted resources. RBAC assigns users to roles, where roles determine the resources each user can access. The definition of roles, especially when there is a large number of users and many resources to handle, can be a very difficult and time consuming task. The class of tools and methodologies to elicit roles starting from existing user-permission assignments are referred to as role mining. Sometimes, to let the RBAC model be directly deployable in organizations, role mining can also take into account various constraints, like cardinality and separation of duty. Typically, these constraints are enforced to ease roles' management and their use is justified as role administration becomes convenient. In this paper, we focus on the User-Distribution cardinality constraint which places a restriction the number of users that can be assigned to a given role. In this scenario, we present a simple heuristic that improves over the state-of-the-art. Furthermore, to address a more realistic situation, we provide the User-Distribution model with the additional constraint that avoids the generation of roles sharing identical set of permissions. Similarly, within this context, we describe a heuristic enabling the computation of a solution in the new model. Additionally, we assess both heuristics' performances using real-world datasets. [ABSTRACT FROM AUTHOR]

Published

2023

12. GAIN: Decentralized Privacy-Preserving Federated Learning.

Author

Jiang, Changsong, Xu, Chunxiang, Cao, Chenchen, and Chen, Kefei

Subjects

*DATA privacy, *FEDERATED learning, *BLOCKCHAINS, *DATA encryption, *CRYPTOGRAPHY, *COMPUTER network security

Abstract

Federated learning enables multiple participants to cooperatively train a model, where each participant computes gradients on its data and a coordinator aggregates gradients from participants to orchestrate training. To preserve data privacy, gradients need to be protected during training. Pairwise masking satisfies the requirement, which allows participants to blind gradients with masks and the coordinator to perform aggregation in the blinded field. However, the solution would leak aggregated results to external adversaries (e.g., an adversarial coordinator), which suffers from quantity inference attacks. Additionally, existing pairwise masking-based schemes rely on a central coordinator and are vulnerable to the single-point-of-failure problem. To address these issues, we propose a decentralized privacy-preserving federated learning scheme called GAIN. GAIN blinds gradients with masks and encrypts blinded gradients using additively homomorphic encryption, which ensures the confidentiality of gradients, and discloses nothing about aggregated results to external adversaries to resist quantity inference attacks. In GAIN, we design a derivation mechanism for generation of masks, where masks are derived from shared keys established by a single key agreement. The mechanism reduces the computation and communication costs of existing schemes. Furthermore, GAIN introduces smart contracts over blockchains to aggregate gradients in a decentralized manner, which addresses the single-point-of-failure problem. Smart contracts also provide verifiability for model training. We present security analysis to demonstrate the security of GAIN, and conduct comprehensive experiments to evaluate its performance. [ABSTRACT FROM AUTHOR]

Published

2023

13. A comprehensive survey of cryptography key management systems.

Author

Rana, Subhabrata, Parast, Fatemeh Khoda, Kelly, Brett, Wang, Yang, and Kent, Kenneth B.

Subjects

*CRYPTOGRAPHY, *COMPUTER algorithms, *DATA encryption, *DATA security, *DATA privacy

Abstract

Cryptographic methods have been extensively employed in various systems to address security objectives, such as data confidentiality, authentication, and secure communication, to name a few. Keys are the most critical parts of any cryptographic system safeguarding the whole underlying infrastructure. Based on the underlying algorithm design, there might be various stages of key generation, exchange, and storage to fulfill an algorithm requirement. In this research, we studied cryptographic techniques along with requirements and corresponding key management systems. Having scrutinized best practices, a taxonomy has been proposed for the key management systems based on the algorithm's requirements, key stages, and applications. This study is a comprehensive literature review on cryptographic key management systems to provide a complete guideline in key management solutions. [ABSTRACT FROM AUTHOR]

Published

2023

14. A data-driven network intrusion detection system using feature selection and deep learning.

Author

Zhang, Lianming, Liu, Kui, Xie, Xiaowei, Bai, Wenji, Wu, Baolin, and Dong, Pingping

Subjects

*COMPUTER network security, *DATA encryption, *DATA privacy, *DATA quality, *DATA mining

Abstract

Network intrusion detection system (NIDS) is an important line of defense for network security as network attacks become more frequent. In this paper, we propose a data-driven NIDS based on feature selection and deep learning, named FS-DL. FS-DL focuses on improving data quality, using methods such as standard deviation and association rule mining to remove a large number of redundant features, reduce computational load, and improve detection accuracy. To balance detection accuracy and time cost, FS-DL uses a simple neural network structure with only three layers and minimizes the number of neurons as much as possible. Experimental results show that FS-DL only requires a small number of traffic features to obtain better detection performance. In addition, we have designed an NIDS based on FS-DL, deployed in the software-defined networking (SDN) controller for online detection of abnormal traffic. [ABSTRACT FROM AUTHOR]

Published

2023

15. A provably secure collusion-resistant identity-based proxy re-encryption scheme based on NTRU.

Author

Yang, Nan, Tian, Youliang, Zhou, Zhou, and Zhang, Qijia

Subjects

*DATA encryption, *DATA privacy, *DATA modeling, *INFORMATION retrieval, *CYBERTERRORISM

Abstract

Proxy re-encryption (PRE) technology realizes the transformation of decryption right from a delegator to a delegatee. In response to the rapid development of quantum attack technology, scholars have proposed the lattice-based PRE schemes, and the underlying encryption scheme of most lattice-based PRE schemes is the dual cryptosystem, which has the defects of large storage overhead, computational overhead and low efficiency. To address these deficiencies, we present a novel identity-based proxy re-encryption (IB-PRE) scheme based on NTRU. By means of the underlying efficient NTRU scheme, the proposed scheme reduces the storage overhead and computational overhead on key size and computational complexity, and improves efficiency. Our scheme possesses desired properties such as multi-hop property, unidirectionality and collusion-resistance. Meanwhile, based on the decisional Hermite normal form of ring learning with errors (D-RLWE H N F) hard problem, it is carefully designed and demonstrated to be secure under selective identity and chosen plaintext attacks in the standard model. [ABSTRACT FROM AUTHOR]

Published

2023

16. A screen-shooting resilient data-hiding algorithm based on two-level singular value decomposition.

Author

Ma, Bin, Du, Kaixin, Xu, Jian, Wang, Chunpeng, Li, Jian, and Zhou, Linna

Subjects

*DATA encryption, *DATA privacy, *INFORMATION retrieval, *EMBEDDED computer systems, *COMPUTER algorithms

Abstract

This paper presents a screen-shooting resilient data-hiding scheme for JPEG images based on a two-level Singular Value Decomposition (SVD). The mid-to-high frequency coefficients are chosen to balance the data-embedding robustness and the image's visual quality. At the same time, the two-level singular value decomposition (SVD) is additionally utilized to construct the feature matrices, thereby enhancing the robustness of the embedded message. The combination of DCT and two-level SVD enables achieving a high-performance screen-shooting resilient data-hiding algorithm. Moreover, the affine transformation is employed to rectify the distortion that caused by screen-shooting, thus further improving the data extraction accuracy. Experimental results demonstrate a minimum 3 % improvement in confidential information extraction accuracy, with the data extraction rate exceeding 92 % across screen-shooting angles ranging from −40 to 40°. The performance of the proposed algorithm outperforms other state-of-the-art schemes apparently. [ABSTRACT FROM AUTHOR]

Published

2023

17. Fully Enhanced Homomorphic Encryption algorithm of MORE approach for real world applications.

Author

Hariss, Khalil, Noura, Hassan, and Samhat, Abed Ellatif

Subjects

*DATA encryption, *COMPUTER algorithms, *DATA privacy, *CLOUD computing, *PERFORMANCE evaluation

Abstract

The design of a Homomorphic Encryption (HE) algorithm that allows computation over the encrypted data is required in real world modern applications to preserve the privacy. Such applications include Cloud Computing, shared storage, processing resources, etc. The existing solutions are not practical for real world applications. Asymmetric approaches suffer from high computation overhead, while symmetric approaches suffer from low immunity against attacks such as chosen and known plaintext attack. In this paper, we consider symmetric approaches and we focus on Matrix Operation for Randomization and Encryption (MORE) approach to build a new algorithm overcoming the drawbacks of MORE. The proposed algorithm is explained in details and evaluated. The security performance results show that the proposed approach can prevent the strong attacks without degradation of the system performances in term of latency and energy consumption. [ABSTRACT FROM AUTHOR]

Published

2017

18. Toward single-server private information retrieval protocol via learning with errors.

Author

Li, Zengpeng, Ma, Chunguang, Wang, Ding, and Du, Gang

Subjects

*DATA privacy, *COMPUTER network protocols, *INFORMATION retrieval, *DATA encryption, *COMPUTATIONAL complexity

Abstract

At FOCS2011 Brakerski and Vaikuntanathan proposed a single-server LWE-based private information retrieval (abbreviated as PIR) protocol with a security reduction to hard standard lattice problems and nearly optimal communication complexity. However, Brakerski just described a generic PIR protocol that utilized a somewhat homomorphic encryption and an arbitrary symmetric encryption as building blocks, he did not instantiate the generic construction. In this work, we first modify Brakerski's construction without the evaluating key and construct a new PIR model. Moreover, we instantiate our new model via matrix FHE first proposed by Ryo et al. at PKC2015 and vector symmetric encryption scheme proposed in this work as building block. Then we optimize the Response operations and several other aspects of the scheme. [ABSTRACT FROM AUTHOR]

Published

2017

19. Dual-server certificateless public key encryption with authorized equality test for outsourced IoT data.

Author

Zhao, Meng, Ding, Yong, Tang, Shijie, Liang, Hai, Yang, Changsong, and Wang, Huiyong

Subjects

*INTERNET of things, *PUBLIC key cryptography, *ARTIFICIAL intelligence, *INFORMATION & communication technologies, *DATA encryption

Abstract

The Internet of Things (IoT) devices with restricted storage and computing sources are unable to store and handle massive data at local. A promising method is to engage some cloud server for maintaining outsourced encrypted IoT data and responding user request, in the meantime, the privacy of outsourced data can be protected. Existing encryption techniques with equality test allow the authorized cloud server to compare encrypted data and perform data classification. However, these schemes in the single server model cannot resist internal keyword guessing attacks. Also, the existing schemes in public key setting confront the burden of maintaining public key certificates, and the ones in identity-based setting face the key escrow problem. To address these issues, this paper proposes a dual-server certificateless public key encryption scheme supporting authorized equality test (DS-CL-AET) in bilinear groups. Security analysis indicates that the proposed DS-CL-AET scheme offers confidentiality protection for outsourced ciphertext and authentication tokens. Performance analysis demonstrates the practicality of our DS-CL-AET scheme in securing outsourced IoT data in clouds. [ABSTRACT FROM AUTHOR]

Published

2023

20. An efficient and practical approach for privacy-preserving Naive Bayes classification.

Author

Vu, Duy-Hien, Vu, Trong-Sinh, and Luong, The-Dung

Subjects

*NAIVE Bayes classification, *MACHINE learning, *DATA security, *DATA encryption, *CRYPTOGRAPHY

Abstract

Nowadays, the development of machine learning has brought about tremendous benefits. Nevertheless, the process of building machine learning models can violate sensitive and private information in data, especially in some specific domains such as banking, medical, e-commerce. In this paper, we propose a novel privacy preservation solution for the Naive Bayes classification technique, a powerful machine learning algorithm. Because of being based on a new cryptographic protocol called secure multi-sum computation, the proposed solution not only protects data holders' privacy but also guarantees the classification model's accuracy. Moreover, the experimental results demonstrate that our solution outperforms the typical privacy-preserving Naive Bayes classifiers, and it is efficient in real-life applications. • A new secure multi-sum computation protocol is proposed for privately computing many sum values in one round of computation. • A novel and efficient privacy-preserving Naive Bayes classifier based on the secure multi-sum computation protocol is propounded. • The new privacy-preserving Naive Bayes classification solution has high performance when tested on the SMS spam dataset with privacy constraints. [ABSTRACT FROM AUTHOR]

Published

2022

21. Deniable search of encrypted cloud-storage data.

Author

Chi, Po-Wen and Wang, Ming-Hung

Subjects

*CLOUD storage, *DATA privacy, *DATA encryption, *MALWARE prevention, *INFORMATION & communication technology security

Abstract

Cloud storage services have grown extensively in recent years. For privacy and security purposes, outsourced data must be encrypted. Therefore, searching the encrypted cloud-stored data is a big challenge. Although there are plenty of searchable encryption schemes, most rely on keywords located in the encrypted data instead of more complex searching criteria. Moreover, they do not consider the malicious coercer issue. In this paper, we propose a searchable encryption scheme that supports expressive keyword-matching conditions and provides deniable searchability to the user. [ABSTRACT FROM AUTHOR]

Published

2021

22. A party-adaptive variant of LowGear.

Author

Li, Yanbin, Liu, Yu, Dai, Yongheng, and Wang, Pengda

Subjects

*MULTIAGENT systems, *ADAPTIVE computing systems, *DATA privacy, *DATA encryption, *INFORMATION & communication technology security

Abstract

Over the last decade, secure multi-party computation (MPC) has made a great stride from a major theoretical area to the multi-functional tool for building privacy protection applications. At EUROCRYPT'18, Keller et al. presented MPC protocol LowGear based on semi-homomorphic (addition-only) encryption. Due to its superior performance and high availability, LowGear has drew a lot of attention from industry. But in practical application environment, there are still requirements that LowGear does not satisfy. A major drawback is the inability to handle changes in the set of parties during online computing phase. In this paper, we present a party-adaptive variant to LowGear, with the goal to continue secure collaborative computing tasks when some new parties join in, some old parties drop out, or new parties replace old ones. This variant is based on tweaks to preprocessing phase to adapt existing preprocessed data to the computation over a new set of parties without regenerating new data by rerunning the entire preprocessing phase. It can effectively avoid the waste of data and time resources. Meanwhile the variant does not reduce security and efficiency of LowGear. [ABSTRACT FROM AUTHOR]

Published

2021