Your search keyword '"Link encryption"' showing total 56 results

1. Attribute-Based Encryption Approach for Storage, Sharing and Retrieval of Encrypted Data in the Cloud

Author

Miguel Morales-Sandoval, Melissa Hinojosa Cabello, José Luis González Compeán, and Heidy M. Marin-Castro

Subjects

cloud storage, General Computer Science, Database, business.industry, Computer science, Attribute based encryption, asymmetric pairings, General Engineering, Access control, Cloud computing, security, Service provider, computer.software_genre, Encryption, Server, General Materials Science, Attribute-based encryption, Link encryption, information retrieval, lcsh:Electrical engineering. Electronics. Nuclear engineering, searchable encryption, business, computer, Cloud storage, lcsh:TK1-9971

Abstract

One of the most cost-effective services in cloud computing is storage, used by businesses and individuals to outsource their massive data to untrusted servers. Efforts have studied problems around this application scenario in different fronts: efficiency, flexibility, reliability, and security. In this paper we address the security concerns of cloud storage under the scenario where users encrypt-then-outsource data, share their outsourced data with other users, and the service provider can be queried for searching and retrieval of encrypted data. As main distinctive, we propose a security approach for storage, sharing and retrieval of encrypted data in the cloud fully constructed on the basis of attribute-based encryption (ABE) thus enabling access control mechanisms over both the encrypted data and also for the information retrieval task through search access control. Compared to related works, our approach considers efficient encryption at three different levels: i) bulk encryption of data outsourced to the cloud, ii) keys management for access control over encrypted data by means of digital envelopes from attribute based encryption, and iii) novel construction for attribute based searchable encryption (ABSE). Our underlying ABE algorithms are carefully selected from the body of knowledge and novel constructions for ABSE are provided over the asymmetric setting (Type-III pairings) to support security levels of 128-bits or greater. Experimental results on benchmark data sets demonstrate the viability of our approach for practical realizations using Barreto-Naehrig curves.

Published

2020

2. Cyber Threats to Industrial IoT: A Survey on Attacks and Countermeasures

Author

Konstantinos Tsiknas, Konstantinos Demertzis, Dimitrios Taketzis, and Charalabos Skianis

Subjects

IoT, Industry 4.0, business.industry, Data stream mining, Computer science, Interoperability, Vulnerability, protocols, Context (language use), security, Computer security, computer.software_genre, algebra_number_theory, cyber threats, Intermediary, Software, Countermeasure, attacks, IIoT, Link encryption, Multilevel security, business, computer

Abstract

In today’s Industrial Internet of Things (IIoT) environment, where different systems interact with the physical world, the state proposed by the Industry 4.0 standards can lead to escalating vulnerabilities, especially when these systems receive data streams from multiple intermediaries, requiring multilevel security approaches, in addition to link encryption. At the same time taking into account the heterogeneity of the systems included in the IIoT ecosystem and the non-institutionalized interoperability in terms of hardware and software, serious issues arise as to how to secure these systems. In this framework, given that the protection of industrial equipment is a requirement inextricably linked to technological developments and the use of the IoT, it is important to identify the major vulnerabilities and the associated risks and threats and to suggest the most appropriate countermeasures. In this context, this study provides a description of the attacks against IIoT systems, as well as a thorough analysis of the solutions for these attacks, as they have been proposed in the most recent literature.

Published

2021

3. Analysis of Data Encryption Algorithms for Telecommunication Network-Computer Network Communication Security

Author

Nan Ye, Rui Zhang, and Yifeng He

Subjects

Technology, Article Subject, Computer Networks and Communications, business.industry, Network security, Computer science, Node (networking), Information technology, TK5101-6720, Encryption, Communications security, Telecommunications network, Telecommunication, The Internet, Link encryption, Electrical and Electronic Engineering, business, Information Systems, Computer network

Abstract

Nowadays, the development of information technology can be described as extremely rapid, especially with the widespread use of the Internet; the security of communications in the network has become an important issue we are facing. The purpose of this article is to solve the problems in today’s network security data encryption algorithms. Starting from the computer network communication security data encryption algorithm, we discuss the effects of several different encryption methods on improving network security. The research results show that it is known that the application of link encryption algorithm in network communication security encryption algorithm can increase the security index by 25%, the node encryption algorithm can increase the security index by 35%, and the end-to-end encryption algorithm can make the cyber activity safety index to increase by 40%. Among them, RSA algorithm and DES algorithm are two very representative algorithms; they represent different encryption systems. From the perspective of network data link, there are three methods of encryption algorithm, namely, link encryption algorithm, node encryption algorithm, and end-to-end encryption algorithm.

Published

2021

4. A Novel Structure of Advance Encryption Standard with 3-Dimensional Dynamic S-box and Key Generation Matrix

Author

Ali Newaz Bahar, Anjela Diana Corraya, Mousumi Akter Sumi, and Ziaur Rahaman

Subjects

FOS: Computer and information sciences, S-box, Plaintext-aware encryption, Computer Science - Cryptography and Security, General Computer Science, Computer science, Data security, 050801 communication & media studies, Cryptography, 02 engineering and technology, Encryption, computer.software_genre, Computer security, Disk encryption hardware, H.4.3, Multiple encryption, 0508 media and communications, 0202 electrical engineering, electronic engineering, information engineering, Key generation, business.industry, Encryption software, 05 social sciences, Advanced Encryption Standard, Client-side encryption, 020206 networking & telecommunications, Disk encryption theory, Deterministic encryption, Disk encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Link encryption, Attribute-based encryption, On-the-fly encryption, business, Cryptography and Security (cs.CR), computer, Computer network

Abstract

The study of sending and receiving secret messages is called cryptography. Generally, senders and receivers are unaware about the process of encryption and decryption. Hence, encryption plays an important role in data communication and data security. The meaning of encryption is not only to keep data confidential from unwanted access but also ensuring the data integrity through available way. As the capacity of breaking the security is increasing rapidly, so, the process that hides information is one of the most concerned topics. Advanced Encryption Standard is a popular, widely used and efficient encryption algorithm, which has been used since it was invented. This paper focuses on the AES key generation process and Substitution box. It modifies the conventional key generation technique and builds the dynamic 3-Dimensional S-box of Advance Encryption Standard. The proposed approach suggests 3-Dimensioanl Key Generation Matrix and S-box. As per shown this novel technique increases the amount of time it needs during encryption and decryption. The experimental result shows that it also enhances the strength of AES algorithm. The proposed approach illustrates the theoretical analysis and corresponding experimented results., 7 pages, 14 figures, 4 tables. Published in IJCSA in 2017

Published

2020

5. Deniable encryption protocols based on probabilistic public-key encryption

Author

Anatoly Kornienko, Alexander A. Moldovyan, Nikolay A. Moldovyan, and Andrey Berezin

Subjects

050101 languages & linguistics, probabilistic encryption, Computer science, deniable encryption, 02 engineering and technology, public key encryption, Encryption, Computer security, computer.software_genre, lcsh:Telecommunication, Multiple encryption, lcsh:TK5101-6720, 0202 electrical engineering, electronic engineering, information engineering, 0501 psychology and cognitive sciences, business.industry, Client-side encryption, 06 humanities and the arts, Deniable encryption, Probabilistic encryption, digital signature, cryptographic protocol, 40-bit encryption, 020201 artificial intelligence & image processing, Link encryption, Attribute-based encryption, commutative encryption, business, computer, Computer network

Abstract

The paper proposes a new method for designing deniable encryption protocols characterized in using RSA-like probabilistic public-key encryption algorithms. Sender-, receiver-, and bi-deniable protocols are described. To provide bi-deniability in the case of attacks perfored by an active coercer stage of entity authentication is used in one of described protocols.

Published

2017

6. A Key Space Enhanced Chaotic Encryption Scheme for Physical Layer Security in OFDM-PON

Author

Meihua Bi, Xuefang Zhou, Shilin Xiao, Xiaosong Fu, Weisheng Hu, Guowei Yang, Xuelin Yang, and Lu Zhang

Subjects

lcsh:Applied optics. Photonics, Computer science, 02 engineering and technology, Encryption, Passive optical network, Orthogonal frequency-division multiplexing passive optical network (OFDM-PON), logistic map, Multiple encryption, 020210 optoelectronics & photonics, completed permutation, 0202 electrical engineering, electronic engineering, information engineering, Computer Science::Networking and Internet Architecture, lcsh:QC350-467, Electrical and Electronic Engineering, Secure transmission, Computer Science::Information Theory, Computer Science::Cryptography and Security, key space enhanced, business.industry, Key space, lcsh:TA1501-1820, Atomic and Molecular Physics, and Optics, Deterministic encryption, Probabilistic encryption, Link encryption, business, lcsh:Optics. Light, Computer network

Abstract

In this paper, we propose a key space enhanced chaos-based encryption scheme with no requirement of redundant sideband information in an orthogonal frequency division multiplexing passive optical network (OFDM-PON). For the first time, a simple 1-D chaotic logistic map is employed to scramble the chaotic subcarrier allocation both in time/frequency domain and logical operation, which provides a huge key space to enhance the physical layer confidentiality. Due to the dynamic chaotic permutations, the largest key space is achieved in comparison with the reported encryption schemes in OFDM-PON. In addition, a ∼10-Gb/s secure transmission with encrypted OFDM data is experimentally demonstrated over 25-km standard single-mode fiber. The proposed encryption scheme demonstrates the excellent security of data transmission in OFDM-PON and the robustness against exhaustive attacks.

Published

2017

7. Virtualization of the Encryption Card for Trust Access in Cloud Computing

Author

Xiao-Yang Liu, Cai Fu, Guohui Li, Deliang Xu, Deqing Zou, and Honghao Zhang

Subjects

General Computer Science, Computer science, Full virtualization, Data_MISCELLANEOUS, trusted computing, Data security, Cryptography, Cloud computing, 02 engineering and technology, computer.software_genre, Computer security, Encryption, Disk encryption hardware, Email encryption, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, 020203 distributed computing, Cloud computing security, business.industry, General Engineering, Client-side encryption, Trusted Computing, Cryptographic protocol, Virtualization, virtualization, Disk encryption theory, Disk encryption, 56-bit encryption, 40-bit encryption, Keyfile, Trusted Platform Module, Link encryption, lcsh:Electrical engineering. Electronics. Nuclear engineering, On-the-fly encryption, business, computer, Encryption card, lcsh:TK1-9971, Computer network

Abstract

The increasing use of virtualization puts stringent security requirements on software integrity and workload isolation of cloud computing. The encryption card provides hardware cryptographic services for users and is believed to be superior to software cryptography. However, we cannot use the encryption card directly in the user domain because of the complicated virtualization mechanisms and the security problems about the user key and the user private data flow. To address these challenges, we propose a new virtualization architecture to ensure the trustworthiness of encryption cards. First, we design a privacy preserving model to ensure the security of the dynamic schedule of encryption cards. Second, we present a hardware trust verification procedure based on the trusted platform module to supply a trusted virtualization hardware foundation. Third, we provide a series of security protocols to establish a trusted chain between users and encryption cards. Finally, we give security proofs of the encryption card virtualization architecture. Based on our prototype implementation, the encryption service provided by the encryption card has higher-level security and higher efficiency than software encryption. It provides strong support for security services of virtualization systems in cloud computing.

Published

2017

8. Multi-divisible on-line/off-line encryptions

Author

Wakaha Ogata and Dan Yamamoto

Subjects

Discrete mathematics, business.industry, Computer science, Applied Mathematics, 020206 networking & telecommunications, 0102 computer and information sciences, 02 engineering and technology, Encryption, 01 natural sciences, Computer Graphics and Computer-Aided Design, Public-key cryptography, Multiple encryption, 010201 computation theory & mathematics, Probabilistic encryption, Signal Processing, 0202 electrical engineering, electronic engineering, information engineering, 40-bit encryption, Link encryption, Electrical and Electronic Engineering, Line (text file), business, Off line, Computer network

Published

2017

9. On the Security of a Universal Cryptocomputer: the Chosen Instruction Attack

Author

Peter Schartner and Stefan Rass

Subjects

Plaintext-aware encryption, Theoretical computer science, General Computer Science, Computer science, Cryptography, 02 engineering and technology, security, Encryption, computer.software_genre, Computer security, Disk encryption hardware, Watermarking attack, Multiple encryption, side-channel attack, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, applied cryptography, Private function evaluation, business.industry, General Engineering, Homomorphic encryption, Client-side encryption, 020206 networking & telecommunications, Disk encryption theory, Deterministic encryption, Ciphertext indistinguishability, Disk encryption, Symmetric-key algorithm, Probabilistic encryption, 56-bit encryption, 40-bit encryption, 020201 artificial intelligence & image processing, Link encryption, Attribute-based encryption, lcsh:Electrical engineering. Electronics. Nuclear engineering, On-the-fly encryption, business, Ciphertext-only attack, computer, lcsh:TK1-9971

Abstract

The ultimate goal of private function evaluation is the complete outsourcing of processing tasks to distrusted platforms (such as clouds), so that arbitrary functions can be evaluated without any leakage of secret information. Several successful concepts have been proposed in the past, the most striking one having been fully homomorphic encryption besides the well-known garbled circuits and multiparty computation. In this paper, we look at an idealized model of outsourced computation, which we call a cryptocomputer . This is a (theoretical) machine that works exactly like a real-life computer in the sense of understanding a standard assembly language, but retaining all its internal signals, registers, and memory encrypted at all times. The encryption is assumed under a key that is unknown to the attacker, and taken as secure (in any cryptographically meaningful way), so that no leakage of information from any ciphertext can be expected from programs with reasonable (polynomial) time complexity. Unfortunately, such a cryptocomputer is necessarily insecure, irrespectively of how the encryption looks like. In particular, we explicitly do not assume any specific form of security (chosen-ciphertext or other) or (a)symmetry of encryption; our attack works only on ciphertexts and makes no assumptions whatsoever on the encryption. We prove insecurity of the cryptocomputer by taking the encryption as a black box, and show how to decipher every signal in the computer by pure virtue of submitting proper instructions for execution. Our attack falls into the general category of side-channel attacks, however unlike other related attacks, does neither exploit physical nor any logical characteristics of the underlying platform (besides the execution flow being observable). Somewhat surprisingly, it turns out that although the problem that we consider is cryptographic, it seemingly has no cryptographic solution and apparently calls for an interdisciplinary approach from new directions.

Published

2016

10. WSES: HIGH SECURED DATA ENCRYPTION AND AUTHENTICATION USING WEAVING, ROTATION AND FLIPPING

Author

A. Yesu Raja and S. Arumuga Perumal

Subjects

Weaving, Theoretical computer science, lcsh:Computer engineering. Computer hardware, Hash, Computer science, Data Security, Encryption, lcsh:TK7885-7895, computer.software_genre, Multiple encryption, Flipped Matrix, Filesystem-level encryption, ENTN, lcsh:T58.5-58.64, business.industry, lcsh:Information technology, WSES, Probabilistic encryption, REM, 56-bit encryption, 40-bit encryption, XOR, Decryption, Link encryption, On-the-fly encryption, business, computer, Computer hardware

Abstract

Data security is the very important part in the network data communication. Avoidance of the information hacking and steeling are very challenging part for network data communication. Now-a-days people are using many encryption and decryption techniques for data security. But all encryption and decryption techniques are having more time occupation or less security for the process. This paper proposed high level security approach to encryption and decryption for data security. Two levels of securities are used in this proposed method. First one is data encryption and the second one is hash value generation. The proposed Weaving based Superior Encryption Standard (WSES) uses a novel weaving based approach. The weaving array generation is done by Elementary Number Theory Notation (ENTN) method. The weaving array has multiple private keys for XOR encryption. After encryption the error value is extracted from the encrypted array and weaving array. This error value is sent to the other side. The novel approach for hash value generation uses the encrypted array. After encryption, the encrypted array is rotated into four degrees and each degree data are converted to vector format and arranged on by one under the vector. Finally a 2D Rotational Encryption Matrix (REM) is obtained. After this process a REM copy is converted to mirror flip and it is need as Flipped Matrix (FM). The FM is concatenated under the REM and converted to vector using the zigzag operation. Finally this process gives two bytes hash value from the vector. This proposed method executes very fast and provide high security. This method is much reliable to small size applications and also used for any type of data security.

Published

2015

11. Securely outsourcing the ciphertext-policy attribute-based encryption

Author

Kim Nguyen, Nouha Oualha, Maryline Laurent, Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR), Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP), Laboratoire d'Intégration des Systèmes et des Technologies (LIST), Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA), Centre National de la Recherche Scientifique (CNRS), Département Intelligence Ambiante et Systèmes Interactifs (DIASI), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Université Paris-Saclay, Réseaux, Systèmes, Services, Sécurité (R3S-SAMOVAR), Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP)-Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP), Département Réseaux et Services de Télécommunications (RST), Laboratoire d'Intégration des Systèmes et des Technologies (LIST (CEA)), and Département Réseaux et Services de Télécommunications (TSP - RST)

Subjects

Plaintext-aware encryption, Computer Networks and Communications, Computer science, Access control, 02 engineering and technology, Data_CODINGANDINFORMATIONTHEORY, computer.software_genre, Encryption, Computer security, Disk encryption hardware, Public-key cryptography, Multiple encryption, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Email encryption, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, Security rules, Secure outsourcing, business.industry, Sensors, Authorization, Client-side encryption, 020207 software engineering, Adversary, Disk encryption theory, C program, Bus encryption, Deterministic encryption, Disk encryption, Hardware and Architecture, Probabilistic encryption, Privacy, 40-bit encryption, 56-bit encryption, Keyfile, 020201 artificial intelligence & image processing, Attribute-based encryption, Link encryption, On-the-fly encryption, business, computer, Software

Abstract

Attribute-based Encryption (ABE) is a new and promising public key encryption that allows fine-grained authorization on data based on user attributes. Such property is favorable for multiple applications that require encrypted storage or access control on data, in particular: eHealth applications. However, ABE schemes are known not to be efficient in the encryption phase because ciphertext size and the time required to encrypt grow with the complexity of the access policy. Such drawback is critical in the context of pervasive computing, for instance, in the Internet of Things, where data producers are usually resource-constrained devices, e.g. smart phones or sensing platforms. In this work, we propose OEABE standing for Outsourcing mechanism for the Encryption of Ciphertext-Policy ABE (CP-ABE). We show how a user can offload expensive operations of CP-ABE encryption to a semi-trusted party in a secure manner. Our proposed mechanism requires only one exponentiation on resource-constrained devices. We provide also an informal security analysis of possible attacks from a semi-honest adversary against the proposed solution. To demonstrate the performance gains of our mechanism, we first conducted a performance estimation on an emulated Wismote sensor platform. Then, we implemented our proposal and did comparison to an existing implementation of CP-ABE on a laptop.

Published

2018

12. Real-Time Selective Encryption Solution based on ROI for MPEG-A Visual Identity Management AF

Author

Young-Kwon Lim, Cyril Bergeron, Benoit Boyadjis, Naty Sidaty, Jean Le Feuvre, Wassim Hamidouche, THALES COMMUNICATIONS & SECURITY, THALES, Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES), Institut d'Électronique et des Technologies du numéRique (IETR), Nantes Université (NU)-Université de Rennes 1 (UR1), Université de Rennes (UNIV-RENNES)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Université de Rennes (UNIV-RENNES)-Institut National des Sciences Appliquées (INSA)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), Département Traitement du Signal et des Images (TSI), Télécom ParisTech-Centre National de la Recherche Scientifique (CNRS), THALES [France], Institut National des Sciences Appliquées (INSA), Université de Nantes (UN)-Université de Rennes (UR)-Institut National des Sciences Appliquées - Rennes (INSA Rennes), Institut National des Sciences Appliquées (INSA)-Institut National des Sciences Appliquées (INSA)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), and Université de Nantes (UN)-Université de Rennes 1 (UR1)

Subjects

HEVC, Computer science, Interoperability, 0211 other engineering and technologies, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Video quality, Identity management, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Visual Identity Management, Robustness (computer science), Region of interest, ISOBMFF, 0202 electrical engineering, electronic engineering, information engineering, selective encryption, Transform coding, 021110 strategic, defence & security studies, AVC, business.industry, ROI, [INFO.INFO-TI]Computer Science [cs]/Image Processing [eess.IV], 020201 artificial intelligence & image processing, Link encryption, business, computer, Computer hardware

Abstract

International audience; As part of a new MPEG-A standardization activity, called Visual Identity Management Application Format(VIMAF), this paper presents an end-to-end encryption solution of Region of Interest (ROI) in both AVC and HEVC encodedstreams for privacy protection applications. This solution uses a selective encryption method that encrypts only the most sensitive information of the video and proposes a new adapted syntax in order to facilitate interoperability between equipments. Objective video quality measurements have shown the robustness of the proposed selective encryption solution with only a slight bitrate increase.

Published

2017

13. Semantically Secure Symmetric Encryption with Error Correction for Distributed Storage

Author

Juha Partala

Subjects

Plaintext-aware encryption, Theoretical computer science, Article Subject, Computer Networks and Communications, Computer science, 0102 computer and information sciences, 02 engineering and technology, Encryption, 01 natural sciences, lcsh:Technology (General), 0202 electrical engineering, electronic engineering, information engineering, lcsh:Science (General), Computer Science::Cryptography and Security, business.industry, 020206 networking & telecommunications, Plaintext, Deterministic encryption, Symmetric-key algorithm, 010201 computation theory & mathematics, Probabilistic encryption, McEliece cryptosystem, lcsh:T1-995, Link encryption, business, Information Systems, lcsh:Q1-390

Abstract

A distributed storage system (DSS) is a fundamental building block in many distributed applications. It applies linear network coding to achieve an optimal tradeoff between storage and repair bandwidth when node failures occur. Additively homomorphic encryption is compatible with linear network coding. The homomorphic property ensures that a linear combination of ciphertext messages decrypts to the same linear combination of the corresponding plaintext messages. In this paper, we construct a linearly homomorphic symmetric encryption scheme that is designed for a DSS. Our proposal provides simultaneous encryption and error correction by applying linear error correcting codes. We show its IND-CPA security for a limited number of messages based on binary Goppa codes and the following assumption: when dividing a scrambled generator matrix G^ into two parts G1^ and G2^, it is infeasible to distinguish G2^ from random and to find a statistical connection between G1^ and G2^. Our infeasibility assumptions are closely related to those underlying the McEliece public key cryptosystem but are considerably weaker. We believe that the proposed problem has independent cryptographic interest.

Published

2017

14. Rastgele veri karıştırmaya dayalı kaotik şifreleme

Author

Alper Uğur and Murat Aydos

Subjects

Theoretical computer science, cryptography, business.industry, Computer science, Cryptography, Encryption, Chaotic image encryption, Self-diagonal, computer.software_genre, Multiple encryption, Cryptography,Encryption,Chaotic image encryption,Self-diagonal shuffler, Filesystem-level encryption, chaotic image encryption, Probabilistic encryption, lcsh:TA1-2040, shuffler, 40-bit encryption, 56-bit encryption, self-diagonal shuffler, Link encryption, On-the-fly encryption, business, lcsh:Engineering (General). Civil engineering (General), computer, encryption

Abstract

Security of valuable multimedia contents such as images in personal photograph albums, electronic publishing, frames of multicast video conference can be achieved by image encryption. Secure transmission of these contents is required to be rapid, efficient and practical. Hence, image encryption process must be chosen not only to satisfy the security goals but also to fulfill these requirements. Due to the inadequacy and inefficiency of conventional text based information encryption methods, researchers have proposed several encryption schemes. Many of them are based on chaotic algorithms. Recently, the studies are concentrated on some weaknesses of chaotic algorithms and most of the presented solutions came up with complex structured chaotic maps. In this paper, we present a self-diagonal shuffler mechanism embedded to one dimensional chaotic encryption system to overcome its leak points while keeping simplicity and efficiency properties.

Published

2014

15. ELmD: A Pipelineable Authenticated Encryption and Its Hardware Implementation

Author

Mridul Nandi, Nilanjan Datta, Cuauhtemoc Mancillas-López, Lilian Bossuet, Laboratoire Hubert Curien [Saint Etienne] (LHC), Institut d'Optique Graduate School (IOGS)-Université Jean Monnet [Saint-Étienne] (UJM)-Centre National de la Recherche Scientifique (CNRS), Indian Statistical Institute [Kolkata], and ANR-13-INSE-0002,TSUNAMY,Gestion logicielle et matérielle de la sécurité des données pour des plateformes manycore(2013)

Subjects

Key Wrap, Authenticated encryption, Plaintext-aware encryption, Computer science, Data_MISCELLANEOUS, Sponge function, 02 engineering and technology, computer.software_genre, Encryption, Disk encryption hardware, Theoretical Computer Science, Multiple encryption, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Filesystem-level encryption, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, Authenticated Encryption EME Misuse Resistant Pipeline Implementation, Authentication, business.industry, Client-side encryption, Plaintext, 020202 computer hardware & architecture, Disk encryption theory, Deterministic encryption, Computational Theory and Mathematics, Disk encryption, Hardware and Architecture, Probabilistic encryption, 56-bit encryption, 40-bit encryption, 020201 artificial intelligence & image processing, Attribute-based encryption, Link encryption, On-the-fly encryption, business, computer, Software, Computer hardware, Computer network, Cryptographic nonce

Abstract

International audience; Authenticated encryption schemes which resist misuse of nonce at some desired level of privacy are two-pass or Macthen- Encrypt constructions (inherently inefficient but provide full privacy) and online constructions like McOE, sponge-type authenticated encryptions (such as duplex) and COPA. Only the last one is almost parallelizable except that for associated data processing, the final block-cipher call is sequential (it needs to wait for the encryption of all the previous ones). In this paper, we design a new online secure authenticated encryption, called ELmD or Encrypt-Linear mix-Decrypt, which is completely (two-stage) parallel (even in associated data) and fully pipeline implementable. It also provides full privacy when associated data is not repeated. Like COPA, our construction is based on EME, an Encrypt-Mix-Encrypt type SPRP construction (secure against chosen plaintext and ciphertext). But unlike EME, we have used an online computable efficient linear mixing instead of a non-linear mixing. We have also provided the hardware implementation of the construction and compare the performance with similar constructions like COPA and EME2.

Published

2016

16. Practical Privacy in WDM Networks with All-Optical Layered Encryption

Author

Anna Engelmann and Admela Jukan

Subjects

FOS: Computer and information sciences, Key generation, Computer Science - Cryptography and Security, business.industry, Computer science, 020208 electrical & electronic engineering, Data_MISCELLANEOUS, Client-side encryption, Cryptography, 02 engineering and technology, Encryption, Multiple encryption, 020210 optoelectronics & photonics, Disk encryption, Probabilistic encryption, 0202 electrical engineering, electronic engineering, information engineering, 40-bit encryption, Link encryption, Onion routing, business, Cryptography and Security (cs.CR), Computer network

Abstract

Privacy in form of anonymous communication could be comparably both faster and harder to break in optical routers than in today's anonymous IP networks based on The Onion Routing (Tor). Implementing the practical privacy all-optically, however, is not straightforward, as it requires key generation in each anonymization node to avoid distribution of long keys, and layered encryption, both at the optical line rate. Due to the unavailability of cryptographically strong optical key generation and encryption components, not only a layered encryption is a challenge, but an optical encryption in general. In this paper, we address the challenges of optical anonymous networking for the first time from the system's perspective, and discuss options for practical implementation of all-optical layered encryption. To this end, we propose an optical anonymization component realized with the state-of-the-art optical XOR logic and optical Linear Feedback Shift Registers (oLFSRs). Given that LFSR alone is known for its weak cryptographic security due to its linear properties, we propose an implementation with parallel oLFSRs and analyze the resulting computational security. The results show that proposed optical anonymization component is promising as it can be practically realized to provide a high computational security against deanonymization (privacy) attack.

Published

2016

17. Dynamic execution of secure queries over homomorphic encrypted databases

Author

Renaud Sirdey, Oana Stan, Sergiu Carpov, Département d'Architectures, Conception et Logiciels Embarqués-LIST (DACLE-LIST), Laboratoire d'Intégration des Systèmes et des Technologies (LIST (CEA)), Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA), and Laboratoire d'Intégration des Systèmes et des Technologies (LIST)

Subjects

Homomorphic secret sharing, Query processing, Computer science, 02 engineering and technology, computer.software_genre, Encryption, Multiple encryption, Filesystem-level encryption, 0202 electrical engineering, electronic engineering, information engineering, Cloud computing, [INFO]Computer Science [cs], Run-time information, Boolean circuit, Ho-momorphic encryptions, 060201 languages & linguistics, Database, business.industry, Cloud computing securities, Fully homomorphic encryption, 06 humanities and the arts, Protection mechanisms, Reconfigurable hardware, Bus encryption, Database systems, Communication overheads, Homomorphic Encryption Schemes, Probabilistic encryption, 0602 languages and literature, Query languages, Cryptography, 020201 artificial intelligence & image processing, Link encryption, On-the-fly encryption, business, computer, Data privacy, Logic circuits

Abstract

Conference of 4th ACM International Workshop on Security in Cloud Computing, SCC 2016 ; Conference Date: 30 May 2016; Conference Code:121977; International audience; The wide use of cloud computing and of data outsourcing rises important concerns with regards to data security resulting thus in the necessity of protection mechanisms such as encryption of sensitive data. The recent major theoretical breakthrough of finding the Holy Grail of encryption, i.e. fully homomorphic encryption guarantees the privacy of queries and their results on encrypted data. However, there are only a few studies proposing a practical performance evaluation of the use of homomorphic encryption schemes in order to perform database queries. In this paper, we propose and analyse in the context of a secure framework for a generic database query interpreter two different methods in which client requests are dynamically executed on homomorphically encrypted data. Dynamic compilation of the requests allows to take advantage of the different optimizations performed during an off-line step on an intermediate code representation, taking the form of boolean circuits, and, moreover, to specialize the execution using runtime information. Also, for the returned encrypted results, we assess the complexity and the efficiency of the different protocols proposed in the literature in terms of overall execution time, accuracy and communication overhead.

Published

2016

18. An Encryption Technique for Provably Secure Transmission from a High Performance Computing Entity to a Tiny One

Author

Aleksandar Kavcic, Kanta Matsuura, and Miodrag J. Mihaljevic

Subjects

Plaintext-aware encryption, Article Subject, Computer science, General Mathematics, Distributed computing, 02 engineering and technology, Data_CODINGANDINFORMATIONTHEORY, Encryption, computer.software_genre, Multiple encryption, Filesystem-level encryption, Ciphertext, Computer Science::Multimedia, 0202 electrical engineering, electronic engineering, information engineering, Secure transmission, Computer Science::Information Theory, Computer Science::Cryptography and Security, business.industry, lcsh:Mathematics, General Engineering, 020206 networking & telecommunications, lcsh:QA1-939, 020202 computer hardware & architecture, Deterministic encryption, Disk encryption, Computer engineering, Probabilistic encryption, lcsh:TA1-2040, 56-bit encryption, 40-bit encryption, Link encryption, Attribute-based encryption, On-the-fly encryption, business, lcsh:Engineering (General). Civil engineering (General), computer

Abstract

An encryption/decryption approach is proposed dedicated to one-way communication between a transmitter which is a computationally powerful party and a receiver with limited computational capabilities. The proposed encryption technique combines traditional stream ciphering and simulation of a binary channel which degrades channel input by inserting random bits. A statistical model of the proposed encryption is analyzed from the information-theoretic point of view. In the addressed model an attacker faces the problem implied by observing the messages through a channel with random bits insertion. The paper points out a number of security related implications of the considered channel. These implications have been addressed by estimation of the mutual information between the channel input and output and estimation of the number of candidate channel inputs for a given channel output. It is shown that deliberate and secret key controlled insertion of random bits into the basic ciphertext provides security enhancement of the resulting encryption scheme.

Published

2016

19. Power Adaptive Data Encryption for Energy-Efficient and Secure Communication in Solar-Powered Wireless Sensor Networks

Author

Jong Min Kim, Junmin Yi, Minho Park, and Hong Sub Lee

Subjects

Article Subject, Computer science, business.industry, Client-side encryption, 020206 networking & telecommunications, 02 engineering and technology, Encryption, computer.software_genre, Bus encryption, Control and Systems Engineering, lcsh:Technology (General), 0202 electrical engineering, electronic engineering, information engineering, 40-bit encryption, 56-bit encryption, lcsh:T1-995, 020201 artificial intelligence & image processing, Attribute-based encryption, Link encryption, Electrical and Electronic Engineering, On-the-fly encryption, business, Instrumentation, computer, Computer network

Abstract

Basic security of data transmission in battery-powered wireless sensor networks (WSNs) is typically achieved by symmetric-key encryption, which uses little energy; but solar-powered WSNs sometimes have sufficient energy to achieve a higher level of security through public-key encryption. However, if energy input and usage are not balanced, nodes may black out. By switching between symmetric-key and public-key encryption, based on an energy threshold, the level of security can be traded off against the urgency of energy-saving. This policy can also reduce the amount of energy used by some nodes in a WSN, since data encrypted using a public-key is simply relayed by intermediate nodes, whereas data encrypted using a symmetric-key must be decrypted and reencrypted in every node on its path. Through a simulation, we compared the use of either symmetric-key or public-key encryption alone with our scheme, which was shown to be more secure, to use energy more effectively, and to reduce the occurrence of node blackouts.

Published

2016

20. Geo-specific encryption through implicitly authenticated location for 5G wireless systems

Author

Elizabeth A. Quaglia and Stefano Tomasin

Subjects

Computer science, Encryption, 050801 communication & media studies, Localization, Phisical Layer Security, Electrical and Electronic Engineering, Information Systems, 02 engineering and technology, computer.software_genre, Multiple encryption, 0508 media and communications, Filesystem-level encryption, 0202 electrical engineering, electronic engineering, information engineering, business.industry, 05 social sciences, Client-side encryption, 020206 networking & telecommunications, Probabilistic encryption, 40-bit encryption, Link encryption, On-the-fly encryption, business, computer, Computer network

Abstract

We propose a protocol for geo-specific encryption, which enables a user to encrypt and send a message over a wireless system, such that it can be decrypted only once the receiver has reached a specific location. In our protocol, encryption can be performed by anyone, based only on the knowledge of the location where the message can be decrypted. The receiver's location is established and implicitly authenticated by a location verification system (LVS) based on the physical properties of the wireless medium, exploiting in particular the shadowing phenomenon. The resulting solution, denoted LVS-based geo-specific encryption (LVSGE), combining cryptographic techniques and physical-layer features, represents a new approach to geo-specific encryption.

Published

2016

21. Secure Distributed Computation on Private Inputs

Author

Geoffroy Couteau, David Pointcheval, Thomas Peters, École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL), Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities (CASCADE), Département d'informatique - ENS Paris (DI-ENS), Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Inria Paris-Rocquencourt, Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Laboratoire d'informatique de l'école normale supérieure (LIENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL), IACR Cryptology ePrint Archive, European Project: 339563,EC:FP7:ERC,ERC-2013-ADG,CRYPTOCLOUD(2014), École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Inria Paris-Rocquencourt, Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Pointcheval, David, Cryptography for the Cloud - CRYPTOCLOUD - - EC:FP7:ERC2014-06-01 - 2019-05-31 - 339563 - VALID, Département d'informatique de l'École normale supérieure (DI-ENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS Paris), and Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)

Subjects

Theoretical computer science, Computer science, 0102 computer and information sciences, 02 engineering and technology, Encryption, computer.software_genre, 01 natural sciences, Disk encryption hardware, Multiple encryption, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Filesystem-level encryption, Computer Science::Multimedia, 0202 electrical engineering, electronic engineering, information engineering, [INFO.INFO-CR] Computer Science [cs]/Cryptography and Security [cs.CR], Computer Science::Cryptography and Security, business.industry, Client-side encryption, Homomorphic encryption, 020206 networking & telecommunications, 16. Peace & justice, Bus encryption, Disk encryption, 010201 computation theory & mathematics, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Link encryption, Attribute-based encryption, On-the-fly encryption, business, computer

Abstract

International audience; The recent notion of encryption switching protocol (ESP) allows two players to obliviously switch between two encryption schemes. Instantiated from multiplicatively homomorphic encryption and additively homomorphic encryption, ESPs provide a generic solution to two-party computation and lead to particularly efficient protocols for arithmetic circuits in terms of interaction and communication. In this paper, we further investigate their applications and show how ESPs can be used as an alternative to fully-homomorphic encryption (FHE) to outsource computation on sensitive data to cloud providers. Our interactive solution relies on two non-colluding servers which obliviously perform the operations on encrypted data, and eventually send back the outcome in an encrypted form to the appropriate players. Our solution makes use of a nice combination of the Paillier encryption scheme and the Damgard-Jurik variant with multiple trapdoors, which notably allows cross-user evaluations on encrypted data.

Published

2015

22. On link encryption against wiretapping attack in network coding

Author

Tang, Zhaohui

Published

2013

23. Stateful Identity-Based Encryption Scheme: FasterEncryption and Decryption

Author

Hiroto Matsuoka, Le Trieu Phong, and Wakaha Ogata

Subjects

Provable security, Theoretical computer science, Plaintext-aware encryption, business.industry, Computer science, Client-side encryption, Cryptography, computer.software_genre, Encryption, Disk encryption hardware, Random oracle, Deterministic encryption, Multiple encryption, Filesystem-level encryption, Disk encryption, Probabilistic encryption, Pairing, 56-bit encryption, 40-bit encryption, Attribute-based encryption, Link encryption, On-the-fly encryption, business, computer

Abstract

In this paper, we first present the notion of stateful identity-based encryption (IBE) and then extend standard security definitions for IBE to the stateful setting. After that, we demonstrate a concrete stateful IBE scheme, whose security meets the strongest definition in the setting in random oracle model, and whose encryption and decryption are very efficient, compared to existing IBEs: one pairing each for encryption and decryption.

Published

2008

24. Anonymous Multi-Receiver Identity-Based Authenticated Encryption with CCA Security

Author

Chun-I Fan and Yi-Fan Tseng

Subjects

Authenticated encryption, anonymity, Physics and Astronomy (miscellaneous), business.industry, Computer science, bilinear pairing, General Mathematics, lcsh:Mathematics, multi-receiver encryption, Encryption, Computer security, computer.software_genre, lcsh:QA1-939, Multiple encryption, Ciphertext indistinguishability, Chemistry (miscellaneous), Ciphertext, Computer Science (miscellaneous), chosen-ciphertext attacks, Attribute-based encryption, Link encryption, business, Semantic security, computer, identity-based encryption

Abstract

In a multi-receiver encryption system, a sender chooses a set of authorized receivers and sends them a message securely and efficiently, as the message is well encrypted and only one ciphertext corresponding to the message is generated no matter how many receivers the sender has chosen. It can be applied to video conferencing systems, pay-per-view channels, remote education, and so forth. Due to privacy considerations, an authorized receiver may not expect that his identity is revealed. In 2010, anonymous multi-receiver identity-based (ID-based) encryption was first discussed, and furthermore, many works on the topic have been presented so far. Unfortunately, we find that all of those schemes fail to prove the chosen ciphertext attacks (CCA) security in either confidentiality or anonymity. In this manuscript, we propose the first anonymous multi-receiver ID-based authenticated encryption scheme with CCA security in both confidentiality and anonymity. In the proposed scheme, the identity of the sender of a ciphertext can be authenticated by the receivers after a successful decryption. In addition, the proposed scheme also is the first CCA-secure one against insider attacks. Moreover, only one pairing computation is required in decryption.

Published

2015

25. Can We Securely Use CBC Mode in TLS1.0?

Author

Takashi Kurokawa, Ryo Nojima, Shiho Moriai, National Institute of Information and Communications Technology [Tokyo, Japan] (NICT), Ismail Khalil, Erich Neuhold, A Min Tjoa, Li Da Xu, Ilsun You, TC 5, TC 8, and WG 8.9

Subjects

060201 languages & linguistics, Software_OPERATINGSYSTEMS, TLS1.0, Computer science, business.industry, [SHS.INFO]Humanities and Social Sciences/Library and information sciences, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, The BEAST attack, 06 humanities and the arts, 02 engineering and technology, RC4, Data_CODINGANDINFORMATIONTHEORY, Mode (computer interface), 0602 languages and literature, 0202 electrical engineering, electronic engineering, information engineering, Security, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], Link encryption, business, Protocol (object-oriented programming), Block cipher, Computer network

Abstract

Part 6: Network Security; International audience; Currently, TLS1.0 is one of the most widely deployed protocol versions for SSL/TLS. In TLS1.0, there are only two choices for the bulk encryption, i.e., RC4 or block ciphers in the CBC mode, which have been criticized to be insecure.In this paper, we explore the current status of the CBC mode in TLS1.0 and prove theoretically that the current version of the (patched) CBC mode in TLS1.0 satisfies indistinguishability, which implies that it is secure against BEAST type of attacks.

Published

2015

26. Public-Key Encryption Indistinguishable Under Plaintext-Checkable Attacks

Author

David Pointcheval, Fabrice Benhamouda, Michel Abdalla, Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities (CASCADE), Département d'informatique de l'École normale supérieure (DI-ENS), École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Inria Paris-Rocquencourt, Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Université Paris sciences et lettres (PSL), Laboratoire d'informatique de l'école normale supérieure (LIENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS), IACR, Centre National de la Recherche Scientifique (CNRS), Inria de Paris, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Département d'informatique de l'École normale supérieure (DI-ENS), CFM Foundation, ANR-12-INSE-0014,SIMPATIC,SIM et théorie des couplages pour la sécurité de l'information et des communications(2012), European Project: 339563,EC:FP7:ERC,ERC-2013-ADG,CRYPTOCLOUD(2014), Département d'informatique - ENS Paris (DI-ENS), École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Centre National de la Recherche Scientifique (CNRS)-Inria de Paris, Institut National de Recherche en Informatique et en Automatique (Inria), Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)-Inria de Paris, Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Inria Paris-Rocquencourt, and Jonathan Katz

Subjects

Plaintext-aware encryption, Theoretical computer science, Computer Networks and Communications, 0102 computer and information sciences, 02 engineering and technology, Encryption, Computer security, computer.software_genre, 01 natural sciences, Multiple encryption, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 0202 electrical engineering, electronic engineering, information engineering, Mathematics, business.industry, Plaintext, Deterministic encryption, Ciphertext indistinguishability, 010201 computation theory & mathematics, Probabilistic encryption, 020201 artificial intelligence & image processing, Link encryption, Attribute-based encryption, business, computer, Software, Information Systems

Abstract

International audience; Indistinguishability under adaptive chosen-ciphertext attack (IND-CCA) is now considered the de facto security notion for public-key encryption. However, the security guarantee that it offers is sometimes stronger than what is needed by certain applications. In this paper, we consider a weaker notion of security for public-key encryption, termed indistinguishability under plaintext-checking attacks (IND-PCA), in which the adversary is only given access to an oracle which says whether or not a given ciphertext encrypts a given message. After formaliz- ing the IND-PCA notion, we then design a new public-key encryption scheme satisfying it. The new scheme is a more efficient variant of the Cramer-Shoup encryption scheme with shorter ciphertexts and its secu- rity is also based on the plain Decisional Diffie-Hellman (DDH) assump- tion. Additionally, the algebraic properties of the new scheme also allow for proving plaintext knowledge using Groth-Sahai non-interactive zero- knowledge proofs or smooth projective hash functions. Finally, in order to illustrate the usefulness of the new scheme, we further show that, for many password-based authenticated key exchange (PAKE) schemes in the Bellare-Pointcheval-Rogaway security model, one can safely replace the underlying IND-CCA encryption schemes with our new IND-PCA one. By doing so, we were able to reduce the overall communication complex- ity of these protocols and obtain the most efficient PAKE schemes to date based on the plain DDH assumption.

Published

2014

27. Experimental scrambling and noise reduction applied to the optical encryption of QR codes

Author

Roberto Torroba, John Fredy Barrera, and Alejandro Ramírez Vélez

Subjects

Computer science, Ciencias Físicas, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, Encryption, Processing, Disk encryption hardware, Scrambling, purl.org/becyt/ford/1 [https], Multiple encryption, Optics, Speckle, Óptica, business.industry, Física, purl.org/becyt/ford/1.3 [https], Atomic and Molecular Physics, and Optics, Disk encryption theory, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Security, Link encryption, business, Algorithm, CIENCIAS NATURALES Y EXACTAS

Abstract

In this contribution, we implement two techniques to reinforce optical encryption, which we restrict in particular to the QR codes, but could be applied in a general encoding situation. To our knowledge, we present the first experimental-positional optical scrambling merged with an optical encryption procedure. The inclusion of an experimental scrambling technique in an optical encryption protocol, in particular dealing with a QR code “container”, adds more protection to the encoding proposal. Additionally, a nonlinear normalization technique is applied to reduce the noise over the recovered images besides increasing the security against attacks. The opto-digital techniques employ an interferometric arrangement and a joint transform correlator encrypting architecture. The experimental results demonstrate the capability of the methods to accomplish the task., Centro de Investigaciones Ópticas

Published

2014

28. Coupling Functions Enable Secure Communications

Author

Tomislav Stankovski, Aneta Stefanovska, and Peter V. E. McClintock

Subjects

Dynamical systems theory, Computer science, business.industry, Physics, QC1-999, General Physics and Astronomy, Modular design, Encryption, Cipher, Transmission (telecommunications), Coupling (computer programming), Link encryption, business, Communication complexity, Computer network, Computer Science::Cryptography and Security

Abstract

Secure encryption is an essential feature of modern communications, but rapid progress in illicit decryption brings a continuing need for new schemes that are harder and harder to break. Inspired by the time-varying nature of the cardiorespiratory interaction, here we introduce a new class of secure communications that is highly resistant to conventional attacks. Unlike all earlier encryption procedures, this cipher makes use of the coupling functions between interacting dynamical systems. It results in an unbounded number of encryption key possibilities, allows the transmission/reception of more than one signal simultaneously, and is robust against external noise. Thus, the information signals are encrypted as the time-variations of linearly-independent coupling functions. Using predetermined forms of coupling function, we can apply Bayesian inference on the receiver side to detect and separate the information signals while simultaneously eliminating the effect of external noise. The scheme is highly modular and is readily extendable to support different communications applications within the same general framework.

Published

2014

29. Chaos Based Joint Compression and Encryption Framework for End-to-End Communication Systems

Author

Nidhi Goel, Balasubramanian Raman, and Indra Gupta

Subjects

General Computer Science, Article Subject, business.industry, Computer science, Client-side encryption, Data_CODINGANDINFORMATIONTHEORY, Encryption, computer.software_genre, lcsh:QA75.5-76.95, Multiple encryption, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Link encryption, lcsh:Electronic computers. Computer science, On-the-fly encryption, business, computer, Computer network

Abstract

Augmentation in communication and coding technology has made encryption an integral part of secure multimedia communication systems. Security solution for end-to-end image transmission requires content adaptation at intermediate nodes, which consumes significant resources to decrypt, process, and reencrypt the secured data. To save the computational resources, this paper proposes a network-friendly encryption technique, which can be implemented in transparency to content adaptation techniques. The proposed encryption technique maintains the compression efficiency of underlying entropy coder, and enables the processing of encrypted data. Thorough analysis of the technique, as regards various standard evaluation parameters and attack scenarios, demonstrates its ability to withstand known-plaintext, ciphertext-only, and approximation attacks. This justifies its implementation for secure image transmission for end-to-end communication systems.

Published

2014

30. An Image Encryption Algorithm Based on Balanced Pixel and Chaotic Map

Author

Yutong Zhang and Jian Zhang

Subjects

Theoretical computer science, Article Subject, business.industry, General Mathematics, lcsh:Mathematics, General Engineering, computer.software_genre, Encryption, lcsh:QA1-939, Multiple encryption, Computer engineering, Probabilistic encryption, lcsh:TA1-2040, 40-bit encryption, 56-bit encryption, Attribute-based encryption, Link encryption, On-the-fly encryption, business, lcsh:Engineering (General). Civil engineering (General), computer, Mathematics

Abstract

Image encryption technology has been applied in many fields and is becoming the main way of protecting the image information security. There are also many ways of image encryption. However, the existing encryption algorithms, in order to obtain a better effect of encryption, always need encrypting several times. There is not an effective method to decide the number of encryption times, generally determined by the human eyes. The paper proposes an image encryption algorithm based on chaos and simultaneously proposes a balanced pixel algorithm to determine the times of image encryption. Many simulation experiments have been done including encryption effect and security analysis. Experimental results show that the proposed method is feasible and effective.

Published

2014

31. Distributed Key Generation for Encrypted Deduplication: Achieving the Strongest Privacy

Author

Yitao Duan

Subjects

Convergent encryption, Cloud computing security, Computer science, business.industry, Client-side encryption, computer.software_genre, Encryption, Computer security, Random oracle, Deterministic encryption, Multiple encryption, Distributed key generation, Filesystem-level encryption, Probabilistic encryption, Data redundancy, 56-bit encryption, 40-bit encryption, Data deduplication, Attribute-based encryption, Key server, Link encryption, On-the-fly encryption, business, Cloud storage, computer

Abstract

Large-scale cloud storage systems often attempt to achieve two seemingly conflicting goals: (1) the systems need to reduce the copies of redundant data to save space, a process called deduplication; and (2) users demand encryption of their data to ensure privacy. Conventional encryption makes deduplication on ciphertexts ineffective, as it destroys data redundancy. A line of work, originated from Convergent Encryption [27], and evolved into Message Locked Encryption [13] and the latest DupLESS architecture [12], strives to solve this problem. DupLESS relies on a key server to help the clients generate encryption keys that result in convergent ciphertexts. In this paper, we first introduce a new security notion appropriate for the setting of deduplication and show that it is strictly stronger than all relevant notions. We then provide a rigorous proof of security against this notion, in the random oracle model, for the DupLESS architecture which is lacking in the original paper. Our proof shows that using additional secret, other than the data itself, for generating encryption keys achieves the best possible security under current deduplication paradigm. We also introduce a distributed protocol that eliminates the need for the key server. This not only provides better protection but also allows less managed systems such as P2P systems to enjoy the high security level. Implementation and evaluation show that the scheme is both robust and practical.

Published

2014

32. Generalized Key Delegation for Wildcarded Identity-Based and Inner-Product Encryption

Author

Duong Hieu Phan, A. De Caro, Michel Abdalla, Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities (CASCADE), Département d'informatique - ENS Paris (DI-ENS), Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Inria Paris-Rocquencourt, Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL), Laboratoire d'informatique de l'école normale supérieure (LIENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL), Dipartimento di Informatica [Italy] (DI), Università degli Studi di Salerno (UNISA), Université Paris 8 Vincennes-Saint-Denis (UP8), Département d'informatique de l'École normale supérieure (DI-ENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Inria Paris-Rocquencourt, Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS), École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), and Università degli Studi di Salerno = University of Salerno (UNISA)

Subjects

Plaintext-aware encryption, Theoretical computer science, Computer Networks and Communications, Computer science, media_common.quotation_subject, 0211 other engineering and technologies, Cryptography, 02 engineering and technology, Encryption, Multiple encryption, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, inner-product encryption, Key derivation function, Safety, Risk, Reliability and Quality, Predicate encryption, media_common, 021110 strategic, defence & security studies, Delegation, business.industry, wildcarded identity-based encryption, Disk encryption theory, Deterministic encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, 020201 artificial intelligence & image processing, Attribute-based encryption, Link encryption, business, Anonymity

Abstract

International audience; Inspired by the fact that many e-mail addresses correspond to groups of users, Abdalla et al. introduced the no- tion of identity-based encryption with wildcards (WIBE), which allows a sender to simultaneously encrypt messages to a group of users matching a certain pattern, defined as a sequence of identity strings and wildcards. This notion was later generalized by Abdalla, Kiltz, and Neven, who considered more general delegation patterns during the key derivation process. Despite its many applications, current constructions have two significant limitations: 1) they are only known to be fully secure when the maximum hierarchy depth is a constant; and 2) they do not hide the pattern associated with the ciphertext. To overcome these, this paper offers two new constructions. First, we show how to convert a WIBE scheme of Abdalla et al. into a (nonanonymous) WIBE scheme with generalized key delegation (WW-IBE) that is fully secure even for polynomially many levels. Then, to achieve anonymity, we initially consider hierarchical predicate encryption (HPE) schemes with more generalized forms of key delegation and use them to construct an anonymous WW-IBE scheme. Finally, to instantiate the former, we modify the HPE scheme of Lewko et al. to allow for more general key delegation patterns. Our proofs are in the standard model and use existing complexity assumptions.

Published

2012

33. Efficient MPEG-2 transport stream encryption method for low processing power mobile devices

Author

Simanaitis, V., Liutkevicius, A., Vrubliauskas, A., Kazanavicius, E., Imbrasas, D., and Kauno technologijos universitetas

Subjects

business.industry, Computer science, Client-side encryption, Encryption, computer.software_genre, Multiple encryption, Disk encryption, Embedded system, 56-bit encryption, 40-bit encryption, Link encryption, Electrical and Electronic Engineering, On-the-fly encryption, business, computer

Abstract

Video stream encryption is the main method for the protection of intellectual property in modern digital rights management systems (DRM). Existing encryption methods ensure very high protection level of encrypted content, but at the same time are very resources demanding, making them hardly suitable for low processing power mobile end-user devices. This paper presents partial MPEG-2 transport stream encryption method, which is suitable for such low power user terminals. The experimental evaluation of proposed method show that encryption and decryption times, comparing with standard full encryption, are reduced from 3 (static video) up to 9 times (dynamic video), making proposed method a good choice for low processing power decryption devices., Videosrauto šifravimas yra pagrindinis metodas intelektinei nuosavybei užtikrinti šiuolaikinėse skaitmeninių teisių valdymo sistemose (DRM). Esami šifravimo metodai garantuoja labai aukštą apsaugos lygį, bet tuo pat metu reikalauja labai didelių skaičiavimo išteklių ir yra sunkiai pritaikomi ribotų skaičiavimo išteklių mobiliesiems vartotojų įrenginiams. Šiame straipsnyje pristatomas dalinis MPEG-2 transporto srauto šifravimo metodas, kuris yra tinkamas tokiems ribotų resursų terminaliniams vartotojų įrenginiams. Siūlomo metodo eksperimentinio įvertinimo rezultatai rodo, kad šifravimo ir dešifravimo trukmės, palyginti su standartiniu visišku šifravimu, yra sutrumpinamos nuo trijų (esant statiniam vaizdui) iki devynių kartų (esant dinaminiam vaizdui), todėl šis metodas tinka ribotų skaičiavimo išteklių dešifravimo įrenginiams.

Published

2012

34. Image Encryption Using a Lightweight Stream Encryption Algorithm

Author

Saeed Bahrami and Majid Naderi

Subjects

Theoretical computer science, Article Subject, General Computer Science, Computer science, business.industry, computer.software_genre, Encryption, lcsh:QA75.5-76.95, Disk encryption theory, Deterministic encryption, Multiple encryption, Computer engineering, Probabilistic encryption, 40-bit encryption, Link encryption, lcsh:Electronic computers. Computer science, On-the-fly encryption, business, computer

Abstract

Security of the multimedia data including image and video is one of the basic requirements for the telecommunications and computer networks. In this paper, we consider a simple and lightweight stream encryption algorithm for image encryption, and a series of tests are performed to confirm suitability of the described encryption algorithm. These tests include visual test, histogram analysis, information entropy, encryption quality, correlation analysis, differential analysis, and performance analysis. Based on this analysis, it can be concluded that the present algorithm in comparison to A5/1 and W7 stream ciphers has the same security level, is better in terms of the speed of performance, and is used for real-time applications.

Published

2012

35. Flexible optical encryption with multiple users and multiple security levels

Author

Thomas J. Naughton and Naveen K. Nishchal

Subjects

business.industry, Computer science, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, Cryptography, Encryption, computer.software_genre, Atomic and Molecular Physics, and Optics, Electronic, Optical and Magnetic Materials, Bus encryption, Multiple encryption, Optics, Filesystem-level encryption, Key (cryptography), Link encryption, Electrical and Electronic Engineering, Physical and Theoretical Chemistry, On-the-fly encryption, business, Telecommunications, computer, Computer network

Abstract

We present a basic optical encryption architecture that admits several cryptography applications based on multiplexing. Users can decrypt different private images from the same encrypted image, a superuser can have a key that decrypts all encrypted images, and multiplexed images can be encrypted with different levels of security. This system is presented in the context of a general framework of optical encryption application development. We illustrate with a real-world three-dimensional scene, captured with digital holography, and encrypted using the fractional Fourier transform, where different users have access to different three-dimensional objects in the scene.

Published

2011

36. Information authentication using photon-counting double-random-phase encrypted images

Author

Elisabet Pérez-Cabré, Bahram Javidi, Myungjin Cho, Universitat Politècnica de Catalunya. Departament d'Òptica i Optometria, and Universitat Politècnica de Catalunya. GOAPI - Grup d'Òptica Aplicada i Processament d'Imatge

Subjects

Ciències de la visió::Òptica física [Àrees temàtiques de la UPC], Computer science, Data_MISCELLANEOUS, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, Physics::Optics, Photon detectors, Encryption, computer.software_genre, Multiple encryption, Optical images, Optics, Filesystem-level encryption, Computer Science::Multimedia, Computer vision, Data encryption (Computer science), Computer Science::Cryptography and Security, Authentication, Física [Àrees temàtiques de la UPC], business.industry, Atomic and Molecular Physics, and Optics, Fotons, Disk encryption, Probabilistic encryption, Computer Science::Computer Vision and Pattern Recognition, Encriptació de dades (Informàtica), Imatges òptiques, Link encryption, Artificial intelligence, On-the-fly encryption, Optical data processing, business, computer

Abstract

Photon-counting imaging is integrated with optical encryption for information authentication. An image is double-random-phase encrypted, and a photon-limited encrypted image is obtained. The photon-counting encrypted image is generated with few photons and appears sparse; however, we show that it has sufficient information for decryption and authentication. The decrypted image cannot be easily visualized so that an additional layer of information protection is achieved. The authentication is carried out by recognition algorithms. This approach may make the verification process more robust against attacks. To the best of our knowledge, this is the first report on integrating photon-counting imaging and encryption for authentication.

Published

2011

37. On Re-use of randomness in broadcast encryption

Author

Alessio Merlo and Paolo Gasti

Subjects

business.industry, Computer science, Encryption, computer.software_genre, Multiple encryption, Atomic broadcast, Probabilistic encryption, Link encryption, Attribute-based encryption, On-the-fly encryption, business, Broadcast encryption, computer, Computer Science::Information Theory, Computer Science::Cryptography and Security, Computer network

Abstract

Broadcast encryption provides an efficient way to encrypt a message for a large number of receivers. This paper investigates whether it is possible to further improve efficiency of an existing state-of-the-art broadcast encryption scheme by reusing a some of the random choices among different encryptions, without compromising the security of the original scheme. We introduce two schemes: the first allows a transmitter to efficiently encrypt several messages to a set of users; the second scheme extends the first by allowing the transmitter to efficiently send independent messages to different groups at once. We illustrate two scenarios where our schemes provide significant advantages compared to existing solutions.

Published

2011

38. RSA Public-Key Encryption

Author

David Pointcheval, Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities (CASCADE), Département d'informatique de l'École normale supérieure (DI-ENS), École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Inria Paris-Rocquencourt, Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Henk C. A. van Tilborg and Sushil Jajodia, Département d'informatique - ENS Paris (DI-ENS), Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Inria Paris-Rocquencourt, École normale supérieure - Paris (ENS-PSL), and Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS-PSL)

Subjects

business.industry, Computer science, 020206 networking & telecommunications, 0102 computer and information sciences, 02 engineering and technology, Encryption, 01 natural sciences, Disk encryption theory, Multiple encryption, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 010201 computation theory & mathematics, Probabilistic encryption, 0202 electrical engineering, electronic engineering, information engineering, 40-bit encryption, 56-bit encryption, Link encryption, Attribute-based encryption, business, Computer network

Abstract

International audience; Voir article

Published

2011

39. Scalable and efficient provable data possession

Author

Luigi V. Mancini, Giuseppe Ateniese, Roberto Di Pietro, Gene Tsudik, Giuseppe, Ateniese, DI PIETRO, Roberto, LUIGI V., Mancini, and Gene, Tsudik

Subjects

provable data possession, information storage systems, cloud storage security, Computer science, business.industry, probabilistic algorithm, Encryption, Computer security, computer.software_genre, archival storage, Public-key cryptography, File server, Symmetric-key algorithm, Scalability, Storage security, Link encryption, business, information storage systems, archival storage, storage update, computer, Block (data storage)

Abstract

Storage outsourcing is a rising trend which prompts a number of interesting security issues, many of which have been extensively investigated in the past. However, Provable Data Possession (PDP) is a topic that has only recently appeared in the research literature. The main issue is how to frequently, efficiently and securely verify that a storage server is faithfully storing its client's (potentially very large) outsourced data. The storage server is assumed to be untrusted in terms of both security and reliability. (In other words, it might maliciously or accidentally erase hosted data; it might also relegate it to slow or off-line storage.) The problem is exacerbated by the client being a small computing device with limited resources. Prior work has addressed this problem using either public key cryptography or requiring the client to outsource its data in encrypted form.In this paper, we construct a highly efficient and provably secure PDP technique based entirely on symmetric key cryptography, while not requiring any bulk encryption. Also, in contrast with its predecessors, our PDP technique allows outsourcing of dynamic data, i.e, it efficiently supports operations, such as block modification, deletion and append.

Published

2008

40. A novel secure H.264 transcoder using selective encryption

Author

Nithin Thomas, D. Lefol, David W. Redmill, and David Bull

Subjects

Computer science, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, Cryptography, Transcoding, Data_CODINGANDINFORMATIONTHEORY, security, Encryption, computer.software_genre, Multiple encryption, Filesystem-level encryption, Bitstream, cryptography, business.industry, Client-side encryption, video coding, Bus encryption, Disk encryption, Probabilistic encryption, TV broadcasting, 40-bit encryption, 56-bit encryption, Link encryption, Attribute-based encryption, On-the-fly encryption, business, computer, Computer network

Abstract

In digital broadcast TV systems, video data is normally encrypted before transmission. For in-home redistribution, it is often necessary to transcode the bitstream to achieve optimum utilization of available bandwidth. If a signal is decrypted before transcoding and re-encrypted, this may lead to a security loophole. This paper presents a solution in the form of a novel H.264 selective encryption algorithm that encrypts sign bits of transform coefficients and motion vectors to allow secure transcoding without decryption. The performance of this system is compared with I-frame encryption. The results show that sign encryption is more secure than I-frame encryption and has a lower complexity. A hybrid system using a modified transcoder and sign encryption is found to give an optimal compromise between security and transcoding performance.

Published

2007

41. Secure Hybrid Encryption from Weakened Key Encapsulation

Author

Hofheinz, Dennis, Kiltz, Eike, Menezes, A., and Cryptology

Subjects

Plaintext-aware encryption, business.industry, Encryption, Computer security, computer.software_genre, Multiple encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Link encryption, Attribute-based encryption, business, computer, Mathematics

Abstract

We put forward a new paradigm for building hybrid encryption schemes from constrained chosen-ciphertext secure (CCCA) key-encapsulation mechanisms (KEMs) plus authenticated symmetric encryption. Constrained chosen-ciphertext security is a new security notion for KEMs that we propose. It has less demanding security requirements than standard CCCA security (since it requires the adversary to have a certain plaintext-knowledge when making a decapsulation query) yet we can prove that it is CCCA sufficient for secure hybrid encryption. Our notion is not only useful to express the Kurosawa-Desmedt public-key encryption scheme and its generalizations to hash-proof systems in an abstract KEM/DEM security framework. It also has a very constructive appeal, which we demonstrate with a new encryption scheme whose security relies on a class of intractability assumptions that we show (in the generic group model) strictly weaker than the Decision Diffie-Hellman (DDH) assumption. This appears to be the first practical public-key encryption scheme in the literature from an algebraic assumption strictly weaker than DDH.

Published

2007

42. Universally Anonymizable Public-Key Encryption

Author

Ryotaro Hayashi and Keisuke Tanaka

Subjects

Theoretical computer science, business.industry, Data_MISCELLANEOUS, computer.software_genre, Encryption, Computer security, Multiple encryption, Filesystem-level encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Link encryption, On-the-fly encryption, business, computer, Mathematics

Abstract

We first propose the notion of universally anonymizable public-key encryption. Suppose that we have the encrypted data made with the same security parameter, and that these data do not satisfy the anonymity property. Consider the situation that we would like to transform these encrypted data to those with the anonymity property without decrypting these encrypted data. In this paper, in order to formalize this situation, we propose a new property for public-key encryption called universal anonymizability. If we use a universally anonymizable public-key encryption scheme, not only the person who made the ciphertexts, but also anyone can anonymize the encrypted data without using the corresponding secret key. We then propose universally anonymizable public-key encryption schemes based on the ElGamal encryption scheme, the Cramer-Shoup encryption scheme, and RSA-OAEP, and prove their security.

Published

2006

43. Security analysis of optical encryption

Author

Bahram Javidi, Thomas J. Naughton, Albertina Castro, and Yann Frauel

Subjects

Plaintext-aware encryption, business.industry, Computer science, Data_MISCELLANEOUS, Plaintext, Computer security, computer.software_genre, Watermarking attack, Probabilistic encryption, Computer Science::Multimedia, 40-bit encryption, 56-bit encryption, Link encryption, business, computer, Ciphertext-only attack, Computer network, Computer Science::Cryptography and Security

Abstract

This paper analyzes the security of amplitude encoding for double random phase encryption. We describe several types of attack. The system is found to be resistant to brute-force attacks but vulnerable to chosen and known plaintext attacks.

Published

2005

44. Cryptanalysis of a chaotic image encryption method

Author

Xuan Zheng and Shujun Li

Subjects

Theoretical computer science, Plaintext-aware encryption, Computer science, Cryptography, Encryption, computer.software_genre, Computer security, law.invention, Watermarking attack, law, Chosen-ciphertext attack, Key size, business.industry, Key space, Plaintext, Ciphertext indistinguishability, Symmetric-key algorithm, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Link encryption, On-the-fly encryption, business, Cryptanalysis, Semantic security, Ciphertext-only attack, computer

Abstract

The security of digital images attracts much attention recently, and many image encryption methods have been proposed. In IS-CAS2000, a new chaotic key-based algorithm (CKBA) for image encryption was proposed. This paper points out CKBA is very weak to the chosen/known-plaintext attack with only one plain-image, and its security to brute-force ciphertext-only attack is overestimated by the authors. That is to say, CKBA is not secure at all from cryptographic viewpoint. Some experiments are made to show the feasibility of the chosen/known-plaintext attack. We also discuss some remedies to the original scheme and their performance, and we find none of them can essentially improve the security of CKBA.

Published

2002

45. Joint Encryption and Compression of Correlated Sources with Side Information

Author

Koduvayur P. Subbalakshmi, Rajarathnam Chandramouli, and M.A. Haleem

Subjects

Theoretical computer science, Computer science, business.industry, Distributed source coding, Cryptography, General Medicine, Data_CODINGANDINFORMATIONTHEORY, Encryption, Computer Science Applications, Multiple encryption, Computer engineering, Probabilistic encryption, Computer Science::Multimedia, Signal Processing, 40-bit encryption, 56-bit encryption, Link encryption, business, Computer Science::Cryptography and Security

Abstract

We propose a joint encryption and compression (JEC) scheme with emphasis on application to video data. The proposed JEC scheme uses the philosophy of distributed source coding with side information to reduce the complexity of the compression process and at the same time uses cryptographic principles to ensure that security is built into the scheme. The joint distributed compression and encryption is achieved using a special class of codes called high-diffusion (HD) codes that were proposed recently in the context of joint error correction and encryption. By using the duality between channel codes and Slepian-Wolf coding, we construct a joint compression and encryption scheme that uses these codes in the diffusion layer. We adapt this cipher to MJPEG2000 with the inclusion of minimal amount of joint processing of video frames at the encoder.

46. Private predictive analysis on encrypted medical data

Author

Joppe W. Bos, Michael Naehrig, and Kristin E. Lauter

Subjects

Predictive analysis, Medical Records Systems, Computerized, Computer science, Logistic regression, Health Informatics, Computer security, computer.software_genre, Encryption, Multiple encryption, Computer Security, Proportional Hazards Models, Database, business.industry, Proportional hazard model, Client-side encryption, Homomorphic encryption, Computer Science Applications, Bus encryption, Encrypted medical data, Probabilistic encryption, Privacy, 40-bit encryption, Link encryption, On-the-fly encryption, business, computer

Abstract

Increasingly, confidential medical records are being stored in data centers hosted by hospitals or large companies. As sophisticated algorithms for predictive analysis on medical data continue to be developed, it is likely that, in the future, more and more computation will be done on private patient data. While encryption provides a tool for assuring the privacy of medical information, it limits the functionality for operating on such data. Conventional encryption methods used today provide only very restricted possibilities or none at all to operate on encrypted data without decrypting it first. Homomorphic encryption provides a tool for handling such computations on encrypted data, without decrypting the data, and without even needing the decryption key.In this paper, we discuss possible application scenarios for homomorphic encryption in order to ensure privacy of sensitive medical data. We describe how to privately conduct predictive analysis tasks on encrypted data using homomorphic encryption. As a proof of concept, we present a working implementation of a prediction service running in the cloud (hosted on Microsoft’s Windows Azure), which takes as input private encrypted health data, and returns the probability for suffering cardiovascular disease in encrypted form. Since the cloud service uses homomorphic encryption, it makes this prediction while handling only encrypted data, learning nothing about the submitted confidential medical data.

47. A Novel Selective Encryption Method for Securing Text Over Mobile Ad Hoc Network

Author

Hari Ram Sharma, Asha Ambhaikar, and Ajay Kushwaha

Subjects

Plaintext-aware encryption, Computer science, Selective significant data encryption, Cryptography, 02 engineering and technology, computer.software_genre, Encryption, Disk encryption hardware, Watermarking attack, Multiple encryption, Filesystem-level encryption, 0202 electrical engineering, electronic engineering, information engineering, Mobile Ad hoc network, General Environmental Science, Selective encryption, business.industry, Client-side encryption, 020206 networking & telecommunications, Disk encryption theory, Deterministic encryption, Symmetric-key algorithm, Disk encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, General Earth and Planetary Sciences, 020201 artificial intelligence & image processing, Attribute-based encryption, Link encryption, On-the-fly encryption, business, computer, Computer network

Abstract

In today's era, security is getting important day by day. But security constraints for the text data which is sent over the network is also fetching confront with the attractiveness. This paper introduces a selective encryption method named Selective significant data encryption (SSDE) for text data encryption. The SSDE provides sufficient uncertainty to the data encryption process as it selects only significant data out of the whole message. This in turn reduces the encryption time overhead and enhances the performance. The encryption part is performed by the help of symmetric key algorithm. For this purpose BLOWFISH algorithm is used. First, I introduce the concept of cryptography, and symmetric and asymmetric types of encryption methods. Then the overview of selective encryption is given which is followed by the introduction of SSDE. In this research, I proposed a method SSDE which is compared with existing methods, that is, full data encryption and Toss-A-Coin method with the simulation experimental setup based on NS 2.35.

48. Per-hop Data Encryption Protocol for Transmitting Data Securely Over Public Networks

Author

Janaka Wijekoon, Erwin Harahap, Hiroaki Nishi, and Rajitha Tennekoon

Subjects

Routing protocol, Router, Computer science, Data security, computer.software_genre, Encryption, Computer security, Public-key cryptography, Email encryption, data encryption, General Environmental Science, Network packet, business.industry, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, per-hop routing, Client-side encryption, Cryptographic protocol, Service-oriented Router, ns-3, 56-bit encryption, 40-bit encryption, General Earth and Planetary Sciences, The Internet, Link encryption, On-the-fly encryption, business, computer, Computer network

Abstract

It is a well-known fact that the Internet traffic travels through public networks. These networks lack security and are vulnerable. Encryption and public key cryptography are important technologies that are used to preserve data security and integrity, and to reduce information theft on the public networks. However, the existing routing protocols are incapable of providing secure data transmission on public networks. To this end, our laboratory introduced the Service-oriented Router (SoR) to maintain rich information for the next-generation networks by shifting the current Internet infrastructure to an information-based and an open-innovation platform. An SoR can analyze all packet stream transactions on its interfaces and store them in high throughput databases. Using the features of the SoR, in this paper, we propose a hop-by-hop routing protocol that provides per-hop data encryption. This infrastructure is proposing to preserve both the security and the privacy of data that traverses through public networks. We implemented a prototype of per-hop data encryption protocol on the ns-3 simulator and the results obtained are discussed in this paper.

49. Data Encryption and Authetication Using Public Key Approach

Author

V. Srinadth, Srinivasan Nagaraj, and G.S.V.P. Raju

Subjects

Password, Random, Computer science, business.industry, Encryption software, x-Prime, d-PrivateKey, Client-side encryption, computer.software_genre, Computer security, Encryption, Public-key cryptography, Probabilistic encryption, Q-Public Key, 40-bit encryption, 56-bit encryption, General Earth and Planetary Sciences, Keyfile, Link encryption, Attribute-based encryption, On-the-fly encryption, business, computer, DS, General Environmental Science

Abstract

Today various numbers of diverse applications that include e- payments in secure commerce and payment applications to provide security for their communications and transactions by protecting passwords. Encryption is a fundamental tool for the protection of sensitive information. The purpose is to use encryption is privacy for preventing disclosure or confidentiality in during communications. In this paper, we proposed a new method which is based on the Euler's Totient theorem to produce a set of numbers that encrypt the data stream and then we used our proposed method using an ECC approach to generate the signature key which is added to encrypt data before transmission and decryption operation and a signature can verify at the receiver site.

50. On the concealability of messages by the williams public-key encryption scheme

Author

S.C. Kothari and S. Lakshmivarahan

Subjects

Plaintext-aware encryption, business.industry, Computer science, Plaintext, Data_CODINGANDINFORMATIONTHEORY, Encryption, Computer security, computer.software_genre, Deterministic encryption, Multiple encryption, Computational Mathematics, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Filesystem-level encryption, Computational Theory and Mathematics, Probabilistic encryption, Modeling and Simulation, Modelling and Simulation, ComputingMilieux_COMPUTERSANDSOCIETY, Link encryption, business, computer

Abstract

A (plaintext) message is said to be unconcealable if the encrypted message is the same as the original plaintext message. An analysis of the Williams public-key encryption scheme from the point of view of (un) concealability of messages is presented.