Your search keyword '"Cryptosystem"' showing total 1,932 results

1. A Secure EMR Sharing System With Tamper Resistance and Expressive Access Control

Author

Guowen Xu, Yinghui Zhang, Jianting Ning, Yingjiu Li, Shengmin Xu, Robert H. Deng, and Xinyi Huang

Subjects

Scheme (programming language), Security analysis, business.industry, Computer science, Access control, Cloud computing, Computer security model, Encryption, Computer security, computer.software_genre, Cryptosystem, Electrical and Electronic Engineering, business, computer, Tamper resistance, computer.programming_language

Abstract

To reduce the cost of human and material resources and improve the collaborations among medical systems, research laboratories and insurance companies for healthcare researches and commercial activities, electronic medical records (EMRs) have been proposed to shift from paperwork to friendly shareable electronic records. To take advantage of EMRs efficiently and reduce the cost of local storage, EMRs are usually outsourced to the remote cloud for sharing medical data with authorized users. However, cloud service providers are untrustworthy. In this paper, we propose an efficient, secure, and flexible EMR sharing system by introducing a novel cryptosystem called dual-policy revocable attribute-based encryption and tamper resistance blockchain technology. Our proposed system enables EMRs to be shared at a fine-grained level and allows data users to detect any unauthorized manipulation. Moreover, the key generation center can revoke malicious users without affecting the honest users. We provide the formal security model as well as the concrete scheme with security analysis. The experimental simulation and experimental analysis of our proposed scheme demonstrate that our proposed system has superior performances to the most relevant solutions.

Published

2023

2. EHRChain: A Blockchain-Based EHR System Using Attribute-Based and Homomorphic Cryptosystem

Author

Sikai Huang, Fengqi Li, Kemeng Liu, Qiufan Wu, and Zhang Lupeng

Subjects

Information Systems and Management, Cryptographic primitive, Computer Networks and Communications, business.industry, Computer science, Homomorphic encryption, Access control, Data_CODINGANDINFORMATIONTHEORY, Permission, Computer security, computer.software_genre, Computer Science Applications, Paillier cryptosystem, Hardware and Architecture, Ciphertext, Cryptosystem, Chosen-plaintext attack, business, computer

Abstract

There is an urgent need to solve the problems of secure storage, reliable sharing, access control and privacy protection in medical industry. In this paper, we propose EHRChain, a blockchain-based EHR system using attribute-based and homomorphic cryptosystem to solve the above problems. First, we design a medical record storage scheme to realize secure high capacity medical data storage and reliable sharing based on blockchain technology and IPFS. Second, we propose an improved cryptographic primitive called SHDPCPC-CP-ABE. Our SHDPCPC-CP-ABE realizes the functions of semi-policy hiding and dynamic permission changing based on partial ciphertext simultaneously. Furthermore, our program achieves the neutrality of the subject of judicial identification in medical disputes and fine-grained access control of medical data. Third, our system applies an additive homomorphic cryptosystem, Paillier cryptosystem with optimized parameters on patients privacy protection during the process of the medical insurance claim. After analysis and experiment, we have proved that the SHDPCPC-CP-ABE is indistinguishable under chosen plaintext attack and takes one third of the time of CP-ABE when changing access policy. Our system has higher performance than other EHR systems based on blockchain.

Published

2022

3. A Blockchain-Based Machine Learning Framework for Edge Services in IIoT

Author

Ta Li, Zakirul Alam Bhuiyan, Jinbo Xiong, Youliang Tian, Jianfeng Ma, and Changgen Peng

Subjects

Information privacy, Data processing, business.industry, Computer science, Decision tree learning, Aggregate (data warehouse), Data security, Construct (python library), Machine learning, computer.software_genre, Computer Science Applications, Control and Systems Engineering, Cryptosystem, Artificial intelligence, Enhanced Data Rates for GSM Evolution, Electrical and Electronic Engineering, business, computer, Information Systems

Abstract

Edge services provide an effective and superior means of real-time transmissions and rapid processing of information in the Industrial Internet of Things (IIoT). However, the continuous increase in the number of smart devices results in privacy leakage and insufficient model accuracy of edge services. To tackle these challenges, in this research, we propose a blockchain-based machine learning framework for edge services (BML-ES) in IIoT. Specifically, we construct novel smart contracts to encourage multi-party participation of edge services to improve the efficiency of data processing. Moreover, we propose an aggregation strategy to verify and aggregate model parameters to ensure the accuracy of the decision tree learning model. Finally, based on SM2 public-key cryptosystem, we protect data security and prevent data privacy leakage in edge services. Theoretical analysis and simulation experiments indicate that BML-ES framework is effective and efficient, and is better suitable to improve the accuracy of edge services in IIoT.

Published

2022

4. Iris based cancelable biometric cryptosystem for secure healthcare smart card

Author

Firdous Kausar

Subjects

Key binding, Computer science, 02 engineering and technology, Management Science and Operations Research, Computer security, computer.software_genre, Encryption, Biometric cryptosystem, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, Authentication, Cancelable biometric, Blowfish, business.industry, Healthcare, 020206 networking & telecommunications, QA75.5-76.95, International Data Encryption Algorithm, Computer Science Applications, Symmetric-key algorithm, Electronic computers. Computer science, Key (cryptography), 020201 artificial intelligence & image processing, Smart card, business, computer, Information Systems

Abstract

Health related information of an individual is very sensitive and demands a high level of security and privacy. Healthcare providers have the responsibility to ensure that patient information is secure and accessible only to authorized users. Healthcare systems are using biometrics since long for authentication and/or access control purposes. Biometrics can also be used for healthcare data security and privacy. This paper proposes an iris based cancelable biometric cryptosystem to securely store the healthcare data of patients on the smart card. It employs symmetric key cryptography to encrypt the healthcare data and store it on the smart card in encrypted form. We use the fuzzy commitment scheme to bind the secret encryption key with the cancelable iris template of the patient. Our proposed scheme provides user authentication as well as the decryption of healthcare data when needed by using the iris template of the owner of the healthcare smart card. The implementation results show that our proposed scheme provides better performance as compared to other schemes. It can generate an encryption key of a maximum of 252 bits from the input iris template with a false acceptance rate (FAR) of 0 and a false rejection rate (FRR) of 0.07. The generated key can be used for encrypting the health care data of patients using a symmetric encryption algorithm, e.g. Advance Encryption Standard (AES), International Data Encryption Algorithm (IDEA), Blowfish, etc. As compared to a conventional encryption system where the security of the system depends on keeping the key secret, our proposed scheme binds the encryption key with the iris - template of the patient impeccably without the need to store it securely. The security analysis demonstrates that it is not possible for an attacker to retrieve the secret key or healthcare data of the patient from the stolen healthcare card.

Published

2021

5. Efficient and Secure Identity-based Strong Key-Insulated Signature Scheme without Pairings

Author

A. Ramesh Babu, P. Vasudeva Reddy, and N. B. Gayathri

Subjects

General Computer Science, Computer science, computer.internet_protocol, 02 engineering and technology, Computer security, computer.software_genre, Public-key cryptography, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, ECDLP, Key insulation mechanism, Strong key, business.industry, Identity-based signature scheme, 020206 networking & telecommunications, ROM security model, QA75.5-76.95, Certificate Management Protocol, Signature (logic), Pairing, Electronic computers. Computer science, Identity (object-oriented programming), Key (cryptography), 020201 artificial intelligence & image processing, business, computer

Abstract

Public Key Cryptosystem (PKC) completely relies under the assumption that user’s private key is absolutely secure. Exposure of private key may lead to disastrous situations in the communication network. To diminish the damage of private key exposure in PKC, key-insulation mechanism was introduced. In key-insulated cryptosystems, a user can update his private key with the help of a physically secure device from time to time. Identity-based cryptosystem alleviates the heavy certificate management problems in traditional PKC. Recently, many Identity-based key insulated signature schemes have been proposed in literature; however, most of the Identity-based schemes are designed based on the expensive bilinear pairing operation over elliptic curves. Due to the heavy computational cost of a pairing, the pairing based schemes are less efficient in practice. In order to improve the computational and communicational efficiency and to resist the problem of private key exposure in Identity-based signature schemes, we present a pairing-free key insulated signature scheme in identity based setting. We show that this scheme is unforgeable and achieves strong key insulation property with secure key updates, under the hardness of the Elliptic Curve Discrete Logarithm Problem (ECDLP). The performance analysis shows that our scheme is more efficient than the existing schemes.

Published

2021

6. Proxy-based public-key cryptosystem for secure and efficient IoT-based cloud data sharing in the smart city

Author

Hu Xiong, Chuanjie Jin, Oluwasanmi Ariyo Olanrewaju, Dagmawit Mesfin Geressu, Negalign Wake Hundera, and Muhammad Umar Aftab

Subjects

Smart system, Authentication, Computer Networks and Communications, Computer science, business.industry, Cloud computing, Computer security, computer.software_genre, Hardware and Architecture, Smart city, Server, Media Technology, Cryptosystem, Wireless, The Internet, business, computer, Software

Abstract

The incessant advancements in technology and the rapid growth of wireless sensors will lead to the Internet of Things (IoT), a global computing network in which everything will be connected to the Internet. This results in large amounts of data being gathered from the smart systems via IoT nodes. This data, therefore, requires processing and storage; so, the cloud servers are in charge of these functionalities. Therefore, the massive amounts of data collected through IoT nodes can be deployed to the cloud, where an authorized user can access it at any time from anywhere over the Internet. However, the major concerns for data stored in the cloud are privacy and authorized access. As a result, it is very important to establish a secure network between the sensors, cloud servers, and authorized users to assure data accuracy. To deal with the above challenges, we propose a novel proxy-based public-key cryptosystem for secure and efficient IoT-based cloud data sharing in the smart city (PB-PKC-IoT). Our scheme not only ensures the integrity, confidentiality, and authentication of messages, but it also significantly reduces both the sender’s and receiver’s computational and communication costs. We also prove the scheme’s security, and our scheme is secure in terms of IND-PB-PKC-IoT-CCA2 and EF-PB-PKC-IoT-CMA under DBDH, and CDH problems, respectively. These features make our scheme appropriate for data communication in cloud and IoT environments.

Published

2021

7. CL-ME: Efficient Certificateless Matchmaking Encryption for Internet of Things

Author

Tao Xiang, Mimi Ma, Debiao He, Biwen Chen, and Xiaofeng Liao

Subjects

Information privacy, Authentication, Cryptographic primitive, Computer Networks and Communications, Computer science, business.industry, Data security, Cryptography, Access control, Computer security, computer.software_genre, Encryption, Computer Science Applications, Hardware and Architecture, Signal Processing, Cryptosystem, business, computer, Information Systems

Abstract

The Internet of Things (IoT) is gradually stepping out of its infancy into maturity. Its widespread applications cover from tiny wearable devices to large industrial systems. Although many security solutions have been introduced to address data security and privacy problems caused by the unique characteristics of IoT, how to simultaneously achieve data confidentiality, protect the privacy of access control policy, and provide reasonable data source identification has been a challenging problem. Moreover, lacking one of the above properties may result in serious issues (e.g., leakage information and forging identity), and the situation grows steadily worse with the expansion of “things” scale. To address the above issues, we propose a new cryptographic primitive named certificateless matchmaking encryption (CL-ME), which inherits the security properties of certificateless cryptosystem and matchmaking encryption. Meanwhile, we also present two effective concrete constructions with formal security proofs based on the standard hard assumptions. The basic construction is the first instance of CL-ME based on bilinear pairing, and the enhanced construction is a pairing-free lightweight solution. Finally, we implement our proposed schemes using popular cryptography library and compare their performance with existing works. Theoretical analysis and experimental evaluations demonstrate that our proposed schemes are more suitable for IoT environment.

Published

2021

8. QMLFD Based RSA Cryptosystem for Enhancing Data Security in Public Cloud Storage System

Author

Priyadharshini Kaliyamoorthy and Aroul Canessane Ramalingam

Subjects

Authentication, Key generation, Computer science, business.industry, Data security, Cloud computing, Computer security, computer.software_genre, Encryption, Computer Science Applications, Data integrity, Key (cryptography), Cryptosystem, Electrical and Electronic Engineering, business, computer

Abstract

Nowadays sharing secure data turns out to be a challenging task for the data owner due to its privacy and confidentiality. Several IT companies stores their important information in the cloud since computing has developed immense power in sharing the data. On the other hand, privacy is considered a serious issue in cloud computing as there are numerous privacy concerns namely integrity, authentication as well as confidentiality. Among all those concerns, this paper focuses on enhancing the data integrity in the public cloud environment using Qusai modified levy flight distribution for the RSA cryptosystem (QMLFD-RSA). An effective approach named QMLFD for the RSA cryptosystem is proposed for resolving the problem based on data integrity in public cloud environment. A secured key generation and data encryption are done by employing the RSA cryptosystem thus the data is secured from unauthorized users. The key selection is done by using quasi based modified Levy flight distribution algorithm. Thus the proposed approach provides an effective model to enhance the integrity of data in cloud computing thus checking the data integrity uploaded in the public cloud storage system. In addition to this, ten optimization benchmark functions are calculated to determine the performances and the functioning of the newly developed QMLFD algorithm. The simulation results and comparative performances are carried out and the analysis reveals that the proposed QMLFD for the RSA cryptosystem provides better results when compared with other approaches.

Published

2021

9. Efficient Multi-linear Key Pairing Cryptosystem for Reliable Cloud-based Service Provisioning

Author

C. Swetha Priya, S. K. V. Jayakumar, and Sabout Nagaraju

Subjects

Authentication, Computer science, business.industry, Cloud computing, Mutual authentication, Login, Computer security, computer.software_genre, Forward secrecy, Key (cryptography), Cryptosystem, Session key, business, computer

Abstract

Cloud computing has gained rapid growth in the development of different fields of science and engineering. However, due to the distributed nature of cloud computing, session key generation and establishment is the pressing issue. Session key management plays the utmost important role in the secure exchange of sensitive login credentials and transaction information. Moreover, conventional session key management mechanisms are inadequate and cannot be directly adopted in cloud-based environments. Hence, session key management is very much solely needed solution for reliable cloud-based service provisioning. In mutual authentication, bi-linear key pairing cryptosystem plays a critical role to generate and establish a session key. The existing mutual authentication schemes fail to support true mutual authentication in cloud-based environments as they are vulnerable to secret key leakage, perfect forward secrecy, and untraceability. To mitigate the effect of these attacks, this research develops an efficient multi-linear key pairing cryptosystem. In this cryptosystem, challenge-response messages are used for generating and establishing a one-time shared session key. Furthermore, the performance analysis of the proposed cryptosystem depicts a significant reduction of computation cost, authentication accuracy rates, and resistance to the aforementioned attacks.

Published

2021

10. BSLA: Blockchain-assisted Secure and Lightweight Authentication for SGIN

Author

Xiaokang Su, Wu Yinan, Su Yao, Tianhong Zhang, Chuanqing Li, and Jianfeng Guan

Subjects

Authentication, Revocation, Computer Networks and Communications, computer.internet_protocol, Computer science, business.industry, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Certificate Management Protocol, Public-key cryptography, Authentication protocol, Default gateway, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, 020201 artificial intelligence & image processing, business, computer, Key escrow

Abstract

Space–Ground Integrated Network (SGIN) can dramatically reduce the coverage restriction of terrestrial networks, and it therefore can meet the high service requirements to achieve low-latency and high-speed global interconnection at anytime and anywhere. Due to the vulnerable communication channels and the limited resources of spatial nodes such as satellite, SGIN is facing many potential threats. As the first gateway of the SGIN, access authentication is an essential step that guarantees the internal security of the network. However, there are some problems in traditional cryptosystem-based authentication mechanisms, such as certificate management problem and centralized key escrow problem. Consequently, designing a lightweight and secure identity authentication protocol can effectively solve the problems faced by SGIN. In this paper, we focus on the private key escrow problem caused by the Private Key Generator (PKG) in Identity-Based Cryptosystems (IBC) mechanism, and propose a Blockchain-assisted Secure and Lightweight Authentication (BSLA) scheme which introduces the blockchain to improve the robustness and reliability of authentication. In BSLA, user’s private key is determined by itself through combining the partial private keys from different PKGs, which prevents the risk of private key exposure caused by single PKG. Meanwhile, the blockchain also serves as the information source for synchronizing user revocation lists to the spatial nodes, which realizes the fast detection of user revocation. We further analyse the security of BSLA and the analytical results show that BSLA can meet various security requirements. In addition, according to the performance evaluation results, BSLA has good scalability in terms of key security strength. Therefore, users can choose different key security strength and make a trade-off between efficiency and security based on the specific requirements.

Published

2021

11. Information security in the post quantum era for 5G and beyond networks: Threats to existing cryptography, and post-quantum cryptography

Author

Vaibhav Chanana, Prakhar Parashari, Vikas Hassija, Alireza Jolfaei, and Vinay Chamola

Subjects

Post-quantum cryptography, Computer Networks and Communications, Computer science, business.industry, TheoryofComputation_GENERAL, Quantum simulator, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Quantum key distribution, Computer security, computer.software_genre, Public-key cryptography, Symmetric-key algorithm, ComputerSystemsOrganization_MISCELLANEOUS, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, 020201 artificial intelligence & image processing, business, computer, Computer Science::Cryptography and Security, Quantum computer

Abstract

Quantum computing is an emerging field that uses the concepts of quantum mechanics to outperform classical computers. Quantum computing finds plethora of applications in the 5G and Beyond networks. It can process data at an exponential rate, which can address numerous business and scientific challenges. In this paper, we provide a detailed review of the field, starting from the most important applications of quantum computers and then diving into the future of cryptography. The major applications of quantum computing include unstructured search, quantum simulation, and optimization. It can also provide improvements in terms of speed and accuracy for some existing technologies, such as machine learning. These technologies have numerous applications in 5G and beyond networks. However, due to such abilities of quantum computing, it can also pose a serious risk to many existing security systems, especially the asymmetric key cryptography schemes. The risk of quantum computing has also influenced the mobile broadband standards to move from a symmetric key cryptography techniques to PKI-based trust model. We also discuss in detail various alternate cryptosystems based on mathematical problems that are believed to be hard even for a quantum computer to solve. In parallel, we discuss the developments in the field of quantum key distribution that makes use of quantum phenomenon to develop a quantum-resistant crypto systems. Such quantum-resistant systems have a great potential in provisioning secure 5G and beyond networks.

Published

2021

12. Secure Chaff-less Fuzzy Vault for Face Identification Systems

Author

Jung Yeon Hwang, Xingbo Dong, Sangrae Cho, Andrew Beng Jin Teoh, Soohyong Kim, and Zhe Jin

Subjects

021110 strategic, defence & security studies, Matching (statistics), Biometrics, Computer Networks and Communications, Computer science, Hash function, 0211 other engineering and technologies, 020206 networking & telecommunications, 02 engineering and technology, computer.software_genre, Fuzzy logic, Identifier, Identification (information), Hardware and Architecture, Face (geometry), 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, Data mining, computer

Abstract

Biometric cryptosystems such as fuzzy vaults represent one of the most popular approaches for secret and biometric template protection. However, they are solely designed for biometric verification, where the user is required to input both identity credentials and biometrics. Several practical questions related to the implementation of biometric cryptosystems remain open, especially in regard to biometric template protection. In this article, we propose a face cryptosystem for identification (FCI) in which only biometric input is needed. Our FCI is composed of a one-to-N search subsystem for template protection and a one-to-one match chaff-less fuzzy vault (CFV) subsystem for secret protection. The first subsystem stores N facial features, which are protected by index-of-maximum (IoM) hashing, enhanced by a fusion module for search accuracy. When a face image of the user is presented, the subsystem returns the top k matching scores and activates the corresponding vaults in the CFV subsystem. Then, one-to-one matching is applied to the k vaults based on the probe face, and the identifier or secret associated with the user is retrieved from the correct matched vault. We demonstrate that coupling between the IoM hashing and the CFV resolves several practical issues related to fuzzy vault schemes. The FCI system is evaluated on three large-scale public unconstrained face datasets (LFW, VGG2, and IJB-C) in terms of its accuracy, computation cost, template protection criteria, and security.

Published

2021

13. A Blockchain-Enabled Deduplicatable Data Auditing Mechanism for Network Storage Services

Author

Cheng Zhang, Guojun Wang, Quanrun Zeng, Zheng Qin, and Yang Xu

Subjects

business.industry, Computer science, 020206 networking & telecommunications, Cryptography, 02 engineering and technology, Audit, Service provider, Computer security, computer.software_genre, Computer Science Applications, Human-Computer Interaction, Data integrity, Scalability, Credibility, 0202 electrical engineering, electronic engineering, information engineering, Computer Science (miscellaneous), Data deduplication, Cryptosystem, 020201 artificial intelligence & image processing, business, computer, Information Systems

Abstract

Since network storage services achieve widespread adoption, security and performance issues are becoming primary concerns, affecting the scalability of storage systems. Countermeasures like data auditing mechanisms and deduplication techniques are widely studied. However, the existing data auditing mechanism with deduplication cannot solve the problems such as high cost and reliance on trusted third parties in traditional approaches, and it also faces the problem of repeated auditing of data shared by multiple-tenant. This article proposes a blockchain-based deduplicatable data auditing mechanism. We first design a client-side data deduplication scheme based on bilinear-pair techniques to reduce the burden on users and service providers. On this basis, we achieve a trustworthy and efficient data auditing mechanism that helps to check data integrity by using both the blockchain technique and bilinear pairing cryptosystem. The blockchain system is used to record the behaviors of entities in both data outsourcing and auditing processes so that the corresponding immutable records can be used to not only ensure the credibility of audit results but also help to monitor unreliable third-party auditors. Finally, theoretical analysis and experiments reveal the effectiveness and performance of our scheme.

Published

2021

14. A Privacy-Preserving Optimization of Neighborhood-Based Recommendation for Medical-Aided Diagnosis and Treatment

Author

Mingwu Zhang, Jingqiang Lin, and Yu Chen

Subjects

Authentication, Computer Networks and Communications, business.industry, Computer science, Cryptography, Cloud computing, Encryption, Computer security, computer.software_genre, Computer Science Applications, Information sensitivity, Hardware and Architecture, Server, Signal Processing, Cryptosystem, Graph (abstract data type), business, computer, Information Systems

Abstract

Nowadays, patients’ physiological data and medical records are outsourced to the medical cloud to help the patients and doctors to obtain valuable and reliable services, i.e., diagnosis decision and treatment recommendation, which provides subtle and precise guidance for medical cases. Neighborhood-based recommendation (NBR) provides an effective and vivid approach to finding like-minded nodes to generate recommendations, automating what is usually known as word of mouth. Unfortunately, both diverse medical data and outsource technology raise stringent privacy concerns since the patient data is generally associated with attribute sets which contain somewhat sensitive information, such as age, gender, epidemic, physiological data and clinic result etc. The great privacy-revealing risk will occur if this sensitive medical information is maliciously exploited by network eavesdroppers, untrusted cloud servers or doctors. Considering the above privacy-revealing issues in medical data, this article proposes a privacy-preserving optimization of neighborhood-based recommendation scheme (namely, PPO-NBR), which achieves a secure and privacy-preserving recommendation for medical-aided diagnosis and treatment without revealing the patients’ sensitive information. We propose a privacy-preserving medical graph construction protocol and a medical treatment recommendation protocol to implement the secure recommendation on the encrypted medical data, in which it employs BGN Cryptosystem as the building modular to encrypt data and then creatively applies graph theory to expand neighbors to search the best similar features, and uses BLS signature to ensure the authentication, and meanwhile, it deploys a ( $t,n$ ) oblivious transfer protocol to preserve the confidentiality of recommendation. A couple of experiments are implemented to evaluate the performance in terms of computational costs and communication overheads and indicate that our scheme is efficient and practical for medical-aided diagnosis.

Published

2021

15. A Review on Algorithms of Homomorphic Encryption

Author

T. Prahlad Reddy, Dr.G. Mamatha, and Dr.M.N. Giri Prasad

Subjects

Service (systems architecture), business.industry, Process (engineering), Computer science, Homomorphic encryption, Cloud computing, Computer security, computer.software_genre, Encryption, Analytics, Cryptosystem, Confidentiality, business, computer

Abstract

The rapid evolution of technologies like Internet of Things (IoT) and Cloud computing which handle big-scale data through the operations operate, store and manage. Besides, the technology facilitates with operations related to safety and confidentiality concerns. Moreover, the increasingly accessible cryptosystems offer the security concerns by IoT and cloud computing at several segments. In addition, the provision of third-party cloud process and analytics service contributors creates a privacy challenges to the consumer data. The current evolutions in the homomorphic encryption permits the computations on the data even when its encrypted. Therefore, a substantial research has been conducted on homomorphic encryption since few decades. However, the requirement of real-time implementation is essential for homomorphic encryption methods for achieving better improvements. Thus, the survey introduces the innumerable schemes for homomorphic encryption, advancements, and developments for decades, and its future progression for the implementation in real-time scenario.

Published

2021

16. MACHINE LEARNING APPROACH FOR CRYPTOSYSTEM SUGGEST IN EDUCARE OVER CLOUDS

Author

Ravish G K and Thippeswamy K

Subjects

Decision support system, business.industry, Computer science, 05 social sciences, 050301 education, Cloud computing, Cryptography, 050905 science studies, Machine learning, computer.software_genre, Data type, Information sensitivity, Work (electrical), Statistical inference, Cryptosystem, Artificial intelligence, 0509 other social sciences, business, 0503 education, computer

Abstract

In the current situation of the pandemic, global organizations are turning to online functionality to ensure survival and sustainability. The future, even though uncertain, holds great promise for the education system being online. Cloud services for education are the center of this research work as they require security and privacy. The sensitive information about the users and the institutions need to be protected from all interested third parties. since the data delivery on any of the online systems is always time sensitive, the have to be fast. In previous works some of the algorithms were explored and statistical inference based decision was presented. In this work a machine learning system is designed to make that decision based on data type and time requirements.

Published

2021

17. LDuAP: lightweight dual auditing protocol to verify data integrity in cloud storage servers

Author

R. Anitha and Mohamed Sirajudeen Yoosuf

Subjects

020203 distributed computing, Security analysis, General Computer Science, Computer science, business.industry, Cloud computing, 02 engineering and technology, Audit, Computer security, computer.software_genre, Server, Data integrity, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, 020201 artificial intelligence & image processing, business, computer, Cloud storage, Key size

Abstract

Cloud Service Providers (CSP) allow the users to store their data in the cloud storage servers. However, outsourcing the confidential data increases the security vulnerabilities as the data owner loses the physical on-premise control over the data. In order to verify the integrity of the outsourced data, auditing has to be performed frequently. Existing public auditing schemes completely depend on the third party auditor (TPA) to verify the integrity. If the trustworthiness of the TPA is compromised, then the TPA might send the fraudulent integrity result to the data owners. Existing schemes does not possess cross verification procedures to overcome the trust issues associated with the TPA. In addition, most of the existing public auditing schemes use RSA and BLS signatures to verify the authenticity of the data owner. Due to large key size, the computation time to perform auditing remains high. To overcome these issues, an LDuAP (lightweight dual auditing protocol) based on the Cramer-Shoup cryptosystem has been proposed. It combines both public and private auditing schemes to improve the authenticity of the integrity results. Initially, a lightweight public auditing is performed for all the data blocks stored in the cloud. Later, to cross-verify the integrity results generated by the TPA, private auditing is performed. The proposed scheme reduces the size of the signature by 50% and subsequently reduces the overhead of the entire auditing scheme. The extensive implementation assessments and security analysis exhibit the legitimacy and efficiency of the proposed scheme.

Published

2021

18. Mimosa: Protecting Private Keys Against Memory Disclosure Attacks Using Hardware Transactional Memory

Author

Bo Luo, Jing Wang, Jiwu Jing, Li Congwu, Quanwei Cai, Jingqiang Lin, and Le Guan

Subjects

021110 strategic, defence & security studies, Atomicity, Computer science, Network security, business.industry, 0211 other engineering and technologies, Transactional memory, Plaintext, Cryptography, 02 engineering and technology, Computer security, computer.software_genre, Public-key cryptography, Cryptosystem, Electrical and Electronic Engineering, business, Heartbleed, computer

Abstract

Cryptography is essential for computer and network security. When cryptosystems are deployed in computing or communication systems, it is extremely critical to protect the cryptographic keys. In practice, keys are loaded into the memory as plaintext during cryptographic computations. Therefore, the keys are subject to memory disclosure attacks that read unauthorized data from RAM. Such attacks could be performed through software exploitations, such as OpenSSL Heartbleed, even when the integrity of the victim system’s binaries is maintained. They could also be done through physical methods, such as cold-boot attacks, even if the system is free of software vulnerabilities. This paper presents Mimosa , to protect RSA private keys against both software-based and physical memory disclosure attacks. Mimosa uses hardware transactional memory (HTM) to ensure that ( a ) whenever a malicious thread other than Mimosa attempts to read the plaintext private key, the transaction aborts and all sensitive data are automatically cleared with hardware, due to the strong atomicity guarantee of HTM; and ( b ) all sensitive data, including private keys and intermediate states, appear as plaintext only within CPU-bound caches, and are never loaded to RAM chips. To the best of our knowledge, Mimosa is the first solution to use transactional memory to protect sensitive data against memory attacks. However, the fragility of TSX transactions introduces extra cache-clogging denial-of-service (DoS) threats, and attackers could sharply degrade the performance by concurrent memory-intensive tasks. To mitigate the DoS threats, we further partition an RSA private-key computation into multiple transactional parts by analyzing the distribution of aborts, while (sensitive) intermediate results are still protected across transactional parts. Through extensive experiments, we show that Mimosa effectively protects cryptographic keys against attacks that attempt to read sensitive data in memory, and introduces only a small performance overhead, even with concurrent cache-clogging workloads.

Published

2021

19. PCR and Bio-signature for data confidentiality and integrity in mobile cloud computing

Author

Sreeja Cherillath Sukumaran and Mohammed Misbahuddin

Subjects

Security analysis, General Computer Science, Computer science, Data security, Cloud computing, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Polymerase chain reaction (PCR), law.invention, DNA computing, law, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, Bio-signature, DNA cryptography, business.industry, 020206 networking & telecommunications, Mobile cloud computing (MCC), QA75.5-76.95, Mobile cloud computing, Primers, Electronic computers. Computer science, 020201 artificial intelligence & image processing, The Internet, business, computer

Abstract

Cloud computing technology got relevance as computing paradigm, which delivers massively scalable computing technologies based on the Internet for the organizations. Mobile Cloud Computing (MCC) allows users more possibilities to access services conveniently. But data security and privacy issues still act as barriers for adoption to cloud technology when dealing with confidential data. Encryption techniques play a significant role in ensuring data security in the Cloud. Various data encryption techniques have been evolved till the date of which DNA Computing techniques got wider acceptance due to biological complexity and computational properties of DNA. These features can be exploited to solve data security issues in MCC. This paper highlights the security issues in the MCC and proposes biocomputing solution approaches to address data security. A methodology is proposed based on the principle concepts of polymerase chain reaction and primer generation for ensuring data confidentiality and integrity. The security analysis of the proposed cryptosystem is evaluated by theoretical analysis, complexity and probability analysis. Formal analysis of the proposed protocol is done using Scyther and all the modeled claims are validated and positive results are obtained.

Published

2021

20. EVALUATION OF PERSISTENCE OF STREAMING CRYPTOSYSTEMS OPERATING AS PART OF TELECOMMUNICATIONS MANAGEMENT NETWORK SYSTEM

Subjects

Persistence (psychology), Computer science, Cryptosystem, Computer security, computer.software_genre, Telecommunications Management Network, computer

Abstract

Целью исследования является повышение защищенности телекоммуникационных систем управления в контексте криптографической защиты с использованием математического аппарата риск-анализа для оценки стойкости поточных криптосистем. Стойкость поточной криптосистемы в работе рассмотрена как совокупность рисков разнородных компонентов поточной криптосистемы, уязвимых к деструктивному воздействию. В ходе исследования проанализированы уязвимости компонентов поточной криптосистемы, особенности среды функционирования, построены модель угроз и риск-модель атакуемой поточной криптосистемы, предложены мероприятия по снижению рисков поточных криптосистем. Полученные результаты могут быть использованы или адаптированы при необходимости повышения стойкости поточных криптосистем на этапах проектирования и модернизации, а также при необходимости восстановления эффективности функционирования после компрометации или взлома. На основе предложенной риск-модели поточной криптосистемы в дальнейшем возможна реализация программного обеспечения для оценки стойкости поточных криптосистем. The aim of the article consists in increasing of security level of telecommunications management network system due to cryptographic security methods. Risk analysis is used as an instrument of evaluation of persistence of streaming cryptosystems. The vulnerabilities of components and features of environment are analyzed. The threat model and the risk model of the stream cryptosystem are built. Measures of reducing the risks of stream cryptosystems are proposed. The obtained results can be used or adapted if it is necessary to increase the persistence of streaming cryptosystems during the design and modernization stages, as well as if it is necessary to restore operational efficiency after compromising or hacking. Based on the proposed risk model of a stream cryptosystem, it is further possible to implement software to assess the persistence of stream cryptosystems.

Published

2021

21. Robust medical image encryption based on DNA-chaos cryptosystem for secure telemedicine and healthcare applications

Author

Fatma Khallaf, Walid El-Shafai, Fathi E. Abd El-Samie, and El-Sayed M. El-Rabaie

Subjects

General Computer Science, Computer science, business.industry, Computational intelligence, computer.software_genre, Encryption, Image (mathematics), CHAOS (operating system), Encoding (memory), Key (cryptography), Cryptosystem, Data mining, Logistic map, business, computer

Abstract

The security of healthcare and telemedicine systems is a critical issue that must be significantly investigated. Several smart telemedicine applications are expected to be adopted in the medical sector in the incoming years. Healthcare smart products that are connected through Internet to be accessible anytime and anywhere are expected to deal with critical and confidential information such as personal medical images. Therefore, medical image encryption is an important task in telemedicine and healthcare applications. This paper presents an efficient cryptosystem for medical image security based on exploiting the advantages of the de-oxyribo nucleic acid (DNA) rules and chaos maps. In the proposed medical image cryptosystem, logistic chaos map, piecewise linear chaotic map (PWLCM), and DNA encoding are employed. The PWLCM is employed to generate a secret key image. Then, the DNA rules are utilized for encoding the secret key image and the input plain image by rows that are encoded with the logistic chaos map. After that, the proposed logistic map is employed to obtain an intermediate image as another secret key image to set DNA functions row-by-row on the coded original image. Moreover, the intermediate image is decoded in the following stage. Finally, the previous actions are iterated through image columns once again to obtain the best ciphered image. The experimental results reveal that the suggested cryptosystem has a high security with an acceptable processing time. In addition, it can resist various kinds of attacks, such as known-plaintext and chosen-plaintext attacks.

Published

2021

22. InPPTD: A Lightweight Incentive-Based Privacy-Preserving Truth Discovery for Crowdsensing Systems

Author

Bin Zhu, Na Gai, David S. L. Wei, Nenghai Yu, Kaiping Xue, and Qingyou Yang

Subjects

021110 strategic, defence & security studies, Information privacy, Computer Networks and Communications, Computer science, business.industry, 0211 other engineering and technologies, Homomorphic encryption, Cryptography, 02 engineering and technology, Computer security, computer.software_genre, Computer Science Applications, Incentive, Hardware and Architecture, 020204 information systems, Server, Signal Processing, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, Overhead (computing), business, Protocol (object-oriented programming), computer, Information Systems

Abstract

Recently, truth discovery in crowdsensing systems has received considerable attention with its appealing features for extracting truthful information from multiple unreliable data sources. However, it also poses new challenges to the issues of privacy and security. On the one hand, workers’ sensed data can be used to infer their privacy. On the other hand, workers may be selfish and lazy, especially in the Internet-of-Things environment, devices are usually resource constrained, so they may dishonestly execute the costly sensing task so as to reduce resource consumption, or even break the protocol to obtain illegal rewards. Although some privacy-preserving truth discovery schemes have been proposed, they still cannot achieve strong privacy protection while keeping efficiency on the worker side, and still has no efficient incentive mechanism to persuade workers to participate in the system operations. In this article, we propose an incentive-based privacy-preserving truth discovery framework, named InPPTD. By adopting the Paillier homomorphic cryptosystem and two noncolluding servers, InPPTD not only effectively protects workers’ sensed data information but also preserves the privacy of these workers’ weight information. Meanwhile, a weight-based incentive mechanism is introduced in InPPTD to reduce the number of lazy workers. Security and performance analysis shows that InPPTD can guarantee stronger security features, while also ensure efficiency in terms of computation and communication overhead.

Published

2021

23. A novel biometric crypto system based on cryptographic key binding with user biometrics

Author

Gurjit Singh Walia, Rajesh Asthana, and Anjana Gupta

Subjects

Security analysis, Biometrics, Computer Networks and Communications, Computer science, business.industry, Data security, 020207 software engineering, Cryptography, 02 engineering and technology, Computer security, computer.software_genre, Brute-force attack, Hardware and Architecture, Secrecy, 0202 electrical engineering, electronic engineering, information engineering, Media Technology, Key (cryptography), Cryptosystem, 020201 artificial intelligence & image processing, business, computer, Software, Information Systems

Abstract

Cryptography plays a significant role in ensuring data security and confidentiality. The security provided by a crypto system mainly depends on the secrecy of the cryptographic key. If the secret key gets compromised, then it may lead to compromise of the protected data. Biometric cryptosystem provides a solution for securing the cryptographic key by binding the secret key with user biometric data. In this paper, we have proposed a novel biometric crypto system involving key binding mechanism. New objective functions have been introduced to create helper data by binding the secret key with biometric data of the user. In the retrieval phase, local minima of the objective functions act as anchors to get the secret key. Performance evaluation shows that the proposed method achieves more than 98% success rate even in presence of limited noise in the biometric data. Further, performance metrics viz., FAR, GAR, GWDR and IWDR have been obtained for cryptographic key sizes of 256, 512, 1024 and 2048 bits. Security analysis shows that the proposed method is robust against brute force attack and correlation attack.

Published

2021

24. Chaotic Jerk System with Hump Structure for Text and Image Encryption Using DNA Coding

Author

V. R. Folifack Signing, Zeric Tabekoueng Njitacke, T. Fozin Fonzin, Jacques Kengne, and M. Kountchou

Subjects

Password, 0209 industrial biotechnology, Security analysis, business.industry, Computer science, Applied Mathematics, Chaotic, 02 engineering and technology, Encryption, computer.software_genre, Jerk, Digital image, 020901 industrial engineering & automation, Signal Processing, Cryptosystem, Data mining, business, computer, Coding (social sciences)

Abstract

Nowadays, advances in technology have led to the expansion of the use and exchange of digital data, which places great importance on the security of these data. The protection of exchanging messages, passwords of email accounts, bank accounts and many others requires the security of textual data. Likewise, the security of medical images, personal images, captures from military satellites, plans to build banks and many others require the protection of digital images. Thereby, jointly based on the special randomness generated by a chaotic Jerk system with hump structure and DNA coding, a cryptosystem is proposed in this article for both text and image encryption. A preliminary study on the dynamic properties of a Jerk system as well as DNA coding is carried out, respectively, for the exploration of the phenomena and the implementation of the encryption technique. Through standard nonlinear analysis tools, the full dynamics of the system is explored and feasibility is confirmed through PSpice investigations. The simulated experimental results, as well as the security analysis, show quantitatively and qualitatively that the proposed encryption technique does not only offer better performance in comparison with some existing algorithms but is also sufficiently fast for practical applications while resisting the known attacks but also.

Published

2021

25. Enabling Privacy-Assured Fog-Based Data Aggregation in E-Healthcare Systems

Author

Guo, Cheng, Tian, Pengxu, and Choo, Kim-Kwang Raymond

Subjects

business.industry, Computer science, 020208 electrical & electronic engineering, Homomorphic encryption, Wearable computer, 02 engineering and technology, Encryption, Computer security, computer.software_genre, Computer Science Applications, Data aggregator, Control and Systems Engineering, Server, Body area network, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Cryptosystem, Electrical and Electronic Engineering, Resilience (network), business, computer, Information Systems

Abstract

Wearable body area network is a key component of the modern-day e-healthcare system (e.g., telemedicine), particularly as the number and types of wearable medical monitoring systems increase. The importance of such systems is reinforced in the current COVID-19 pandemic. In addition to the need for a secure collection of medical data, there is also a need to process data in real-time. In this article, we design an improved symmetric homomorphic cryptosystem and a fog-based communication architecture to support delay- or time-sensitive monitoring and other-related applications. Specifically, medical data can be analyzed at the fog servers in a secure manner. This will facilitate decision making, for example, allowing relevant stakeholders to detect and respond to emergency situations, based on real-time data analysis. We present two attack games to demonstrate that our approach is secure (i.e., chosen-plaintext attack resilience under the computational Diffie–Hellman assumption), and evaluate the complexity of its computations. A comparative summary of its performance and three other related approaches suggests that our approach enables privacy-assured medical data aggregation, and the simulation experiments using Microsoft Azure further demonstrate the utility of our scheme.

Published

2021

26. Toward Next-Generation Robust Cryptosystems

Author

Srinibas Swain, Deepak Puthal, and Saraju P. Mohanty

Subjects

business.industry, Computer science, Process (engineering), Encryption, Computer security, computer.software_genre, Computer Science Applications, Variety (cybernetics), Human-Computer Interaction, Hardware and Architecture, Fog computing, Cryptosystem, The Internet, Electrical and Electronic Engineering, business, Smart applications, Internet of Things, computer

Abstract

A variety of technologies including Internet-of-Things (IoT), IoT-edge/fog computing, and embedded systems are gaining more importance in designing smart applications (e.g., smart healthcare) with minimal human interventions. All the devices and datacenters in these applications are connected to the Internet. Considering the Internet properties, cybersecurity attackers get an easy chance to become part of the system and participate in the data communication process. This article presents thoughts on paradigm-shift next generation cryptosystems to overcome the vulnerabilities of the omnipresent conventional cryptosystems.

Published

2021

27. Privacy-preserving and verifiable multi-instance iris remote authentication using public auditor

Author

U. S. N. Raju, Mahesh Kumar Morampudi, and Munaga V. N. K. Prasad

Subjects

Authentication, Biometrics, Computer science, Data_MISCELLANEOUS, Homomorphic encryption, 02 engineering and technology, Computer security, computer.software_genre, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Artificial Intelligence, 0202 electrical engineering, electronic engineering, information engineering, Benchmark (computing), Cryptosystem, 020201 artificial intelligence & image processing, Confidentiality, Verifiable secret sharing, computer

Abstract

Homomorphic Encryption (HE) is the most widely explored research area to construct privacy-preserving biometric authentication systems due to its advantages over cancelable biometrics and biometric cryptosystem. However, most of the existing privacy-preserving biometric authentication systems using HE assume that the server performs computations honestly. In a malicious server setting, the server may return an arbitrary result to save the computational resources results in false accept/reject. To address this, we propose a privacy-preserving and verifiable multi-instance iris authentication using public auditor (PviaPA). Paillier HE provides confidentiality for the iris templates in PviaPA. A public auditor ensures the correctness of comparator result in PviaPA. Extensive experimental results on benchmark iris databases demonstrate that PviaPA provides privacy to the iris templates with no loss in the accuracy as well as trust on the comparator result.

Published

2021

28. BIOFUSE: A framework for multi-biometric fusion on biocryptosystem level

Author

Mohona Ghosh, Surabhi Garg, Munawar Hasan, and Donghoon Chang

Subjects

Scheme (programming language), Information Systems and Management, Biometrics, Computer science, business.industry, 05 social sciences, 050301 education, 02 engineering and technology, computer.software_genre, Encryption, Computer Science Applications, Theoretical Computer Science, Artificial Intelligence, Control and Systems Engineering, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, 020201 artificial intelligence & image processing, Data mining, business, 0503 education, computer, Biometric fusion, Software, computer.programming_language

Abstract

Biometric cryptosystems or biocryptoystems are gaining prominence for cryptographic key generation, encryption and biometric template protection. However, the most popular state-of-the-art biocryptosystems- fuzzy commitment and fuzzy vault are prone to multiple security attacks. Recently proposed multi-biometric cryptosystems improve security and enhance recognition performance. They perform the fusion of multi-biometric characteristics with either a single biocryptosystem or independently accessed, multiple biocryptosystems. An attack on any of the involved biocryptosystems can weaken the security of the whole system. In our paper, we propose a multi-biometric fusion framework- BIOFUSE, that combines fuzzy commitment and fuzzy vault using the format-preserving encryption scheme. BIOFUSE makes it improbable for an attacker to get unauthorized access to the system without impersonation of all the biometric inputs of the genuine user at the same instant. We present 4 most basic ways of constructing BIOFUSE and found only 1 named S-BIOFUSE ( S 3 ) as a secure design. We compare the recognition performance of the proposed scheme with existing multi-biometric cryptosystems on various databases. The results show 0.98 true match rate at 0.01 false match rate on a virtual IITD-DB1 database that indicates that our proposed work achieves significantly good recognition performance while providing high security.

Published

2021

29. Hyperchaos-Based Cryptosystem for Multimedia Data Security

Author

M M Djeddou Djeddou, S S Sadoudi Sadoudi, and S S Benzegane Benzegane

Subjects

Computer science, Cryptosystem, General Medicine, Computer security, computer.software_genre, computer, Multimedia data security

Abstract

In this paper, we present a software development of multimedia streaming encryption using Hyperchaos-based Random Number Generator (HRNG) implemented in C#. The software implements and uses the proposed HRNG to generate keystream for encrypting and decrypting real-time multimedia data. The used HRNG consists of Hyperchaos Lorenz system which produces four signal outputs taken as encryption keys. The generated keys are characterized by high quality randomness which is confirmed by passing standard NIST statistical tests. Security analysis of the proposed encryption scheme through image and audio security analysis confirms its robustness against different kind of attacks.

Published

2021

30. Computational Cost Reduction of Transaction Signing in Blockchain

Author

Kiattikul Sooksomsatarn

Subjects

Cryptocurrency, Blockchain, business.industry, Computer science, Context (language use), Cryptography, Encryption, Computer security, computer.software_genre, Education, Public-key cryptography, Digital currency, Developmental and Educational Psychology, Cryptosystem, business, computer, General Psychology

Abstract

Nowadays, Blockchain is a disruptive technology, particularly in the financial context. Moreover, Blockchain is behind the success of cryptocurrencies, e.g., Bitcoin and Ethereum. Unlike traditional currencies, cryptocurrencies are entirely virtual. There is no physical money, but it can directly make payments in digital currency from one person to another without intermediaries. Moreover, Hashing's cryptographic algorithm makes Blockchain resist tampering from any transacting participants because the submitted block cannot be altered or re-engineered. However, another big problem is how users of cryptocurrencies stop somebody from adding or editing a transaction that spends someone else's money to them. To do this, Blockchain needs another cryptosystem called Public/Private Keys, a primitive asymmetric cryptosystem, e.g., the RSA encryption, to sign the transactions for proving the authenticity of the ownership without revealing the signed secret information. The generated public key is regarded as a ledger account number or digital wallet of the sender and the recipient. Simultaneously, the paired private keys are used to identify whether the digital wallets' owners are authentic. As growing network entities and propagated Blockchain transactions, computing millions of replicated tokens in the blocks to sign and verify the digital wallet's ownership is computationally expensive. However, a certain of chosen arithmetical transformations that can simplify mathematical cost can significantly reduce computational complexity. This research's main contribution is developing a protocol that can reduce the complexity and mathematical cost in generating the digital wallet and verifying its authenticity of ownership. Finally, performance analyses of the RSA algorithm for the protocol have been measured and visualized using Python.

Published

2021

31. Systematic and Critical Review of RSA Based Public Key Cryptographic Schemes: Past and Present Status

Author

Qazi Mohammad Areeb, Abdulrahman Alturki, Faisal Anwer, and Raza Imam

Subjects

Authentication, Key generation, cryptography, General Computer Science, Computer science, business.industry, General Engineering, Data security, Cryptography, Cloud computing, Encryption, Computer security, computer.software_genre, public key cryptography, Asymmetric key cryptography, TK1-9971, Public-key cryptography, RSA cryptosystem, Cryptosystem, General Materials Science, Electrical engineering. Electronics. Nuclear engineering, business, data security, computer, RSA cryptography

Abstract

The interconnected digital world is generating enormous data that must be secured from unauthorized access. Advancement in technologies and new innovative methods applied by attackers play an instrumental role in breaching data security. Public key Cryptography provides a set of cryptographic algorithms in achieving data security through confidentiality, integrity and authentication. Among all cryptographic algorithms in general and public key cryptography in particular, RSA is one of the most widely used and applied algorithms. Since its inception, it is commonly being adopted in securing data across different domains such as cloud, image and others. Despite its importance and wide applications, no such systematic and extensive survey exists in the literature. A systematic and thorough study of RSA based cryptography is presented in this work covering several domains. All the available works in this direction are divided into 11 different categories, viz, Hybrid, Parallel, Cloud, Image, Multiple-Keys, Chinese-Remainder-Theorem-based, Digital-Signatures, K-Nearest-Theorem-based, Batch, Wireless, and Core-Modifications. This study methodically explores RSA-based cryptosystems, either modifications in core RSA or applications of enhanced RSA across different domains, systematically categorizing in various categories and eventually providing findings and indications. The current study compares RSA methods based on parameters such as key generation, encryption schemes, decryption schemes, key features and enhancements, and also finds the leading areas where modified RSA has been applied in the recent past. As a result, this study will guide researchers and practitioners in understanding the past and present status of RSA cryptography along with the possibility of its applications in other domains.

Published

2021

32. An Anonymous Certificateless Signcryption Scheme for Internet of Health Things

Author

Insaf Ullah, Neeraj Kumar, Sajjad Ur Rehman, Muhammad Asghar Khan, and Ali Alkhalifah

Subjects

Internet of things, General Computer Science, Computer science, business.industry, random oracle model, General Engineering, Certificateless cryptography, Cryptography, security, Encryption, Computer security, computer.software_genre, IoHT, TK1-9971, Public-key cryptography, hyperelliptic curve cryptosystem, signcryption, Key (cryptography), Cryptosystem, General Materials Science, Electrical engineering. Electronics. Nuclear engineering, business, computer, Anonymity, Signcryption

Abstract

Internet of Health Things (IoHT) is a hot topic of research presently, which provides a reliable and intelligent healthcare system for monitoring the physical conditions of the patients over the Internet from anywhere and anytime. The ease of time-independent interaction from geographically remote areas is a core advantage of the IoHT system, which offers preventive or proactive healthcare facilities at a lower cost. IoHT communication, on the other hand, is usually carried out with a range of low-power biomedical sensors, rendering them vulnerable to cyber-attacks and incompatible with traditional cryptographic techniques. The most critical security concern in IoHT is ensuring the authenticity of patients’ health-related messages sent over the internet. Other key concerns include receiver anonymity and forward security, which means that only the sender knows the identities of the recipients. As a result, even if the private key of senders compromised, the adversary will be unable to decrypt the ciphertext. Existing signcryption schemes that employ certificateless cryptography for the healthcare system failed to guarantee both receiver anonymity and forward security simultaneously. Therefore, in this article, we propose an anonymous certificateless signcryption scheme for IoHT applications, which is based on the notion of the Hyperelliptic Curve (HEC) cryptosystem to satisfy these security requirements. The proposed scheme guarantees formal security analysis for confidentiality, unforgeability, and receiver anonymity using the Random Oracle Model (ROM). The results authenticate that the proposed scheme improves security while lowering computation and communication costs.

Published

2021

33. Modified Vigenere cryptosystem: An integrated data encryption module for learning management system

Author

Kenrick Agustin S. Secugal, Nelly E. Mistio, and Jason P. Sermeno

Subjects

Numerical Analysis, Control and Optimization, Computer science, business.industry, General Chemical Engineering, General Engineering, Information technology, Cryptography, Encryption, Computer security, computer.software_genre, Symmetric-key algorithm, Server, Encoding (memory), Key (cryptography), Cryptosystem, General Agricultural and Biological Sciences, business, computer

Abstract

Security is a practice of defending our computers, servers, networks, mobile devices, electronic systems, and digital information against accidental and malicious attacks in the field of Information Technology. One way to protect such valuable information is to use cryptography. Cryptography or encryption algorithm is the process of transforming sensitive data into confounding data in such a way that the person or the machine with a key can decode the hidden information. In this article, a hybrid approach of the Vigenere cryptosystem was used in encrypting and decrypting the data. This approach will be integrated with the learning management system using matrix manipulation and the Base94 encoding scheme. The experimental result of the study shows a significant high avalanche effect compared to the original Vigenere cryptosystem.

Published

2021

34. Quantum-Resistant Cryptography for the Internet of Things Based on Location-Based Lattices

Author

Mischa Dohler and Ohood Saud Althobaiti

Subjects

Spoofing attack, General Computer Science, Computer science, Internet of Things, Cryptography, Computer security, computer.software_genre, localization, law.invention, Public-key cryptography, law, Cryptosystem, General Materials Science, Subscriber identity module, Authentication, business.industry, General Engineering, Public key infrastructure, quantum-resistant cryptography, Credential, TK1-9971, lattices, Electrical engineering. Electronics. Nuclear engineering, business, computer, location

Abstract

An important enabler of the Internet of Things (IoT) is the Narrow-Band Internet of Things (NB-IoT) technology, which is a 3GPP standards compliant connectivity solution. Quantum computing, another emerging technological paradigm, promises novel compute opportunities but is also able to compromise cybersecurity ciphers. Therefore, improved methods to mitigate such security threats are needed. In this research, we propose a location-aware cryptographic system that guarantees post-quantum IoT security. The ultimate value of a location-driven cryptosystem is to use the geographic location as a player’s identity and credential. Position-driven cryptography using lattices is efficient and lightweight, and it can be used to protect sensitive and confidential data in many critical situations that rely heavily on exchanging confidential data. At the best of our knowledge, this research starts the study of unconditional-quantum-resistant-location-driven cryptography by using the Lattice problem for the IoT in a pre-and post-quantum world. Unlike existing schemes, the proposed cryptosystem is the first secure and unrestricted position-based protocol that guards against any number of collusion attackers and against quantum attacks. It has a guaranteed authentication process, solves the problems of distributing public keys by removing a public key infrastructure (PKI), offers secure NB-IoT without SIM cards, and resists location spoofing attacks. Furthermore, it can be generalized to any network – not just NB-IoT.

Published

2021

35. Cipher Block Chaining Support Vector Machine for Secured Decentralized Cloud Enabled Intelligent IoT Architecture

Author

Seeram Ramakrishna, Goutam Kumar Dalapati, Mohammad Zubair Khan, Ahmed H. Alahmadi, Debabrata Samanta, M. P. Karthikeyan, and Amit Banerjee

Subjects

Block cipher mode of operation, Key generation, Block chaining, cryptography, General Computer Science, Computer science, business.industry, cryptosystem, cloud computing, General Engineering, Cloud computing, Cryptography, Encryption, computer.software_genre, TK1-9971, Cipher, Server, symmetric key, General Materials Science, Electrical engineering. Electronics. Nuclear engineering, Web service, business, computer, Computer network

Abstract

The growth of internet era leads to a major transformation in a storage of data and accessing the applications. One such new trend that promises the endurance is the Cloud computing. Computing resources offered by the Cloud includes the servers, networks, storage, and applications, all as services. With the advent of Cloud, a single application is delivered as a metered service to numerous users, via an Application Programming Interface (API) accessible over the network. The services offered via the Cloud are such as the infrastructure, software, platform, database and web services. The main motivation of this application model is to provide computationally secure key generation to protect the data via encryption. This key generation in the cryptography process falls into three categories in this research work. In the first part, SVM based encryption service model is constructed for which the key generation is from the conventional encryption operation mode with some improvements. To make the process more complex, the optimization techniques are taken into account for the key generation in descendant two methods application model that acts computationally more secure specifically for Cloud environment. The results of security analysis confirm the effectiveness of the proposed application model withstands potentially against various attacks such as Chosen Cipher Attack, Chosen Plain text Attack indistinguishable attacks for files. In case of images, it resists well against statistical and differential attacks. Comparative Analysis shows evidence of the efficiency of the developed pioneering application model quality and strength compared with that of the existing services.

Published

2021

36. The singularity attack to the multivariate signature scheme HIMQ-3

Author

Zheng Zhang, Jintai Ding, and Joshua Deaton

Subjects

Scheme (programming language), Standardization, Computer Networks and Communications, 0102 computer and information sciences, 02 engineering and technology, Computer security, computer.software_genre, 01 natural sciences, Microbiology, law.invention, Public-key cryptography, Singularity, law, 0202 electrical engineering, electronic engineering, information engineering, Discrete Mathematics and Combinatorics, Cryptosystem, Mathematics, computer.programming_language, Algebra and Number Theory, business.industry, Applied Mathematics, 020206 networking & telecommunications, Signature (logic), 010201 computation theory & mathematics, NIST, business, Cryptanalysis, computer

Abstract

We present a cryptanalysis of a signature scheme HIMQ-3 due to Kyung-Ah Shim et al [ 10 ], which is a submission to National Institute of Standards and Technology (NIST) standardization process of post-quantum cryptosystems in 2017. We will show that inherent to the signing process is a leakage of information of the private key. Using this information one can forge a signature.

Published

2021

37. Analysis of Using Blockchain to Protect the Privacy of Drone Big Data

Author

M. Shamim Hossain, Bong Jun Choi, Zhihan Lv, and Liang Qiao

Subjects

Scheme (programming language), Information privacy, Computer Networks and Communications, business.industry, Computer science, Big data, ComputerApplications_COMPUTERSINOTHERSYSTEMS, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Drone, Public-key cryptography, Hardware and Architecture, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Cryptosystem, business, computer, Software, Information Systems, computer.programming_language

Abstract

In order to solve the problem of privacy protection of unmanned aerial vehicle (UAV) big data, it is necessary to design a privacy protection scheme that guarantees safe sharing of UAV big data. In this work, blockchain technology is adopted to solve the privacy protection problem of UAV big data. In particular, the proposed privacy protection scheme uses a number theory research unit cryptosystem for encryption of blockchain data. Privacy analysis is provided to validate the security requirements. The performance evaluation results show that the proposed UAV big data privacy protection scheme based on blockchain technology has low computing cost in terms of key production, encryption, and decryption. It also outperforms the conventional approaches. This work aims to provide a guideline for future research on the privacy protection of UAV data.

Published

2021

38. Encryption and Re-Randomization Techniques for Malware Propagation

Author

Fawad Khan, Ahsan Rasheed Abbasi, Shynar Mussiraliyeva, Mehreen Afzal, Waseem Iqbal, and Awais Ur Rehman

Subjects

Software_OPERATINGSYSTEMS, General Computer Science, Computer science, Paillier cryptosystem, homomorphic encryption, Cryptography, computer.software_genre, Computer security, Encryption, re-encryption, ElGamal, Public-key cryptography, RSA, malware encryption, Code (cryptography), Cryptosystem, General Materials Science, business.industry, Payload, General Engineering, TK1-9971, Information sensitivity, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Malware, Electrical engineering. Electronics. Nuclear engineering, business, computer

Abstract

Encryption, which is essential for the protection of sensitive information can also transform any malicious content to illegible form, which can then reside in any network, undetected. Encryption of malicious payload is used by malware authors to mask their code, however, the objective of hiding the malicious code can be further improved by techniques of re-randomization. The concept of re-randomization using asymmetric cryptography has been emerged as a new area of interest for malware designers. Re-randomizing is a technique which can prevent detection of source path of a malware and makes it indistinguishable. This article extends the idea of using asymmetric cryptography for re-randomization and has proposed a novel scheme using Pailliar’s asymmetric cryptosystem. Moreover, this research work illustrates the limitations of RSA for malware re-randomization. A comprehensive performance analysis of the re-randomization techniques for various malware payloads is also presented, which can be used for the detection of re-randomized malware effectively.

Published

2021

39. Lightweight Encryption Technique to Enhance Medical Image Security on Internet of Medical Things Applications

Author

Mohammad Kamrul Hasan, Saleh Alyahya, Mohammad Safiqul Islam, Rossilawati Sulaiman, Musse Mohamed Ahmed, Sheroz Khan, Aisha Hassan Abdalla Hashim, Samar Kamil, Shabana Habib, Shayla Islam, and Arif Hassan

Subjects

General Computer Science, Computer science, medical image encryption, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Field (computer science), lightweight encryption, Image (mathematics), 0202 electrical engineering, electronic engineering, information engineering, Redundancy (engineering), Cryptosystem, General Materials Science, Confidentiality, Internet of Medical Things, Authentication, business.industry, General Engineering, 020206 networking & telecommunications, 020201 artificial intelligence & image processing, The Internet, lcsh:Electrical engineering. Electronics. Nuclear engineering, business, lcsh:TK1-9971, computer

Abstract

The importance of image security in the field of medical imaging is challenging. Several research works have been conducted to secure medical healthcare images. Encryption, not risking loss of data, is the right solution for image confidentiality. Due to data size limitations, redundancy, and capacity, traditional encryption techniques cannot be applied directly to e-health data, especially when patient data are transferred over the open channels. Therefore, patients may lose the privacy of data contents since images are different from the text because of their two particular factors of loss of data and confidentiality. Researchers have identified such security threats and have proposed several image encryption techniques to mitigate the security problem. However, the study has found that the existing proposed techniques still face application-specific several security problems. Therefore, this paper presents an efficient, lightweight encryption algorithm to develop a secure image encryption technique for the healthcare industry. The proposed lightweight encryption technique employs two permutation techniques to secure medical images. The proposed technique is analyzed, evaluated, and then compared to conventionally encrypted ones in security and execution time. Numerous test images have been used to determine the performance of the proposed algorithm. Several experiments show that the proposed algorithm for image cryptosystems provides better efficiency than conventional techniques.

Published

2021

40. A Conditional Privacy Protection Scheme Based on Ring Signcryption for Vehicular Ad Hoc Networks

Author

Hao Zhang, Yuguang Fang, and Ying Cai

Subjects

Security analysis, Authentication, Information privacy, 021103 operations research, Computer Networks and Communications, Computer science, Wireless ad hoc network, 0211 other engineering and technologies, 020302 automobile design & engineering, 02 engineering and technology, Computer security, computer.software_genre, Computer Science Applications, 0203 mechanical engineering, Ring signature, Hardware and Architecture, Signal Processing, Cryptosystem, computer, Information Systems, Signcryption, Anonymity

Abstract

Vehicular ad hoc networks (VANETs) leverage information and communications technology to make transportation systems intelligent, safe, and efficient, hence improving people’s driving experience. Unfortunately, due to the openness of wireless channels and vehicular mobility, privacy leakage in VANETs poses serious privacy concerns. Once a user’s identity is leaked, it will cause serious threats to his/her property and personal safety as a malicious attacker, such as a stalker could utilize the targeted identity to track particular driver and/or launch malicious attack. To address such a privacy problem, by observing the nice properties of ring signature like anonymity, spontaneity, flexibility, and membership equality, we design a novel conditional privacy protection scheme based on ring signcryption, which utilizes the salient features of identity-based cryptosystems and ring signature to achieve conditional privacy. Through security analysis and experiments, we have demonstrated the advantage of our scheme over most existing solutions.

Published

2021

41. Lightweight Three-Factor-Based Privacy- Preserving Authentication Scheme for IoT-Enabled Smart Homes

Author

Nam-Su Jho, Young-Ho Park, and SungJin Yu

Subjects

Password, Authentication, General Computer Science, business.industry, Computer science, Smart homes, General Engineering, security protocol, privacy-preserving, Computer security, computer.software_genre, TK1-9971, Home automation, Authentication protocol, Session key, Cryptosystem, authentication, General Materials Science, The Internet, Electrical engineering. Electronics. Nuclear engineering, Elliptic curve cryptography, business, computer

Abstract

Smart homes are an emerging paradigm of Internet of Things (IoT) in which users can remotely control various home devices via the internet anytime and anywhere. However, smart home environments are vulnerable to security attacks because an attacker can inject, insert, intercept, delete, and modify transmitted messages over an insecure channel. Thus, secure and lightweight authentication protocols are essential to ensure useful services in smart home environments. In 2021, Kaur and Kumar presented a two-factor based user authentication protocol for smart homes using elliptic curve cryptosystems (ECC). Unfortunately, we demonstrate that their scheme cannot resist security attacks such as impersonation and session key disclosure attacks, and also ensure secure user authentication. Moreover, their scheme is not suitable in smart home environments because it utilizes public-key cryptosystems such as ECC. Hence, we design a secure and lightweight three-factor based privacy-preserving authentication scheme for IoT-enabled smart home environments to overcome the security problems of Kaur and Kumar’s protocol. We prove the security of the proposed scheme by using informal and formal security analyses such as the ROR model and AVISPA simulation. In addition, we compare the performance and security features between the proposed scheme and related schemes. The proposed scheme better provides security and efficiency compared with the previous schemes and is more suitable than previous schemes for IoT-enabled smart home environments.

Published

2021

42. PMTER-ABE: a practical multi-authority CP-ABE with traceability, revocation and outsourcing decryption for secure access control in cloud systems

Author

Padmalochan Bera, Kamalakanta Sethi, and Ankit Pradhan

Subjects

Traceability, Computer Networks and Communications, Computer science, media_common.quotation_subject, Access control, Cloud computing, Data_CODINGANDINFORMATIONTHEORY, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Outsourcing, Server, Secrecy, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, media_common, Delegation, Revocation, business.industry, 020206 networking & telecommunications, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, 020201 artificial intelligence & image processing, business, computer, Software

Abstract

Attribute-based encryption (ABE) has evolved as an efficient and secure method for storage of data with fine-grained access control in cloud platforms. In recent years, increasing diversification in the design of ABE schemes has led to significant research in the assimilation of properties like traceability, revocation, and outsourcing decryption. However, most of the recent ABE schemes incorporate few of these properties and hence lack in robustness to adapt with varying demands of cloud systems. In modern ABE designs, the notions of forward and backward secrecy have been introduced to accommodate the delegation of a large number of heterogeneous users in the system. In general, these features are realized under the concept of user revocation. On the other hand, to control malicious users in the system, it is necessary to implement traceability in integration with user revocation. Finally, for resource-constrained users, outsourcing decryption to proxy servers is a viable option. Thus, we propose PMTER-ABE, a practical decentralized multi-authority traceable and efficiently revocable attribute-based cryptosystem with outsourcing decryption advantage. The key features of our cryptosystem are (i) incorporating large attribute universe with highly expressive policies, (ii) integrating forward and backward secrecy under user revocation, (iii) implementing white-box traceability to detect malicious users, and (iv) outsourcing decryption to reduce the computational overhead of decryption on users. We present the formal proofs for correctness, security, and traceability of PMTER-ABE along with performance analysis. The efficiency and usability of PMTER-ABE is shown with practical implementation and experimental results.

Published

2021

43. Cryptanalysis of Internet of Health Things Encryption Scheme Based on Chaotic Maps

Author

Majid Khan, Abd Al Karim Haj Ismail, Mohammad Mazyad Hazzazi, Noor Munir, Iqtadar Hussain, Amer Aijaedi, and Adel R. Alharbi

Subjects

General Computer Science, Computer science, Data security, Cryptography, Encryption, Computer security, computer.software_genre, law.invention, Internet of Health Things, cryptanalysis, law, Ciphertext, Cryptosystem, conditional shift, General Materials Science, known-plaintext attack, business.industry, General Engineering, Information security, chosen-plaintext attack, TK1-9971, Chaotic map, Key (cryptography), Electrical engineering. Electronics. Nuclear engineering, business, Cryptanalysis, computer

Abstract

Many encryption algorithms are designed to decrease the probability of cyberattacks by assuring data security as well as system and participant authentication. However, in the development of computer resources cryptanalytical techniques have been developed and performed competitively in information security with good results. In this paper, we reported security flaws in the recently offered encryption technique based on a chaotic map for Internet of Health Things (IoHT) security. The scheme was based on a new chaotic map, modified Mandelbrot set, and conditional shift algorithm asserting the encryption algorithm is secure. We have performed some cryptographic attacks to retrieve the key from the understudy cryptosystem. The key was retrieved in little computation by using a chosen-plaintext attack and one known plaintext ciphertext pair. The minimum execution time of performed attacks indicates the vulnerability of the diffusion-based encryption algorithm. To enhance the security of the understudy cryptographic algorithm, we have also suggested certain improvements.

Published

2021

44. ON THE SECURITY COMPARISON OF LUC-TYPE CRYPTOSYSTEMS USING CHOSEN MESSAGE ATTACK

Author

M. M. Magiman, Fatin Hana Naning, P.H. Yiu, Ahmad Fadly Nurullah Rasedee, Tze Jin Wong, Mohammad Hasan Abdul Sathar, and Lee Feng Koo

Subjects

Computer science, General Mathematics, Chosen message attack, Cryptosystem, Type (model theory), Computer security, computer.software_genre, computer

Published

2020

45. Anonymous Certificate-Based Broadcast Encryption With Personalized Messages

Author

Jiguo Li, Yichen Zhang, and Chen Liqing

Subjects

Cryptographic primitive, Computer science, business.industry, computer.internet_protocol, 020206 networking & telecommunications, 02 engineering and technology, Encryption, Certificate Management Protocol, Computer security, computer.software_genre, Public-key cryptography, 0202 electrical engineering, electronic engineering, information engineering, Media Technology, Key (cryptography), Cryptosystem, Electrical and Electronic Engineering, business, Broadcast encryption, computer, Key escrow

Abstract

Broadcast encryption with personalized messages (BEPM) is a newly proposed cryptographic primitive, which supports a broadcaster to deliver the common encrypted broadcast message to a group of authorized users. It also supports a broadcaster to deliver the personalized messages to the individual authorized users simultaneously. However, none of the existing BEPM schemes consider the anonymity of authorized users, which is a crucial security requirement for many BEPM application scenarios. Besides, the previous studies on BEPM only achieve security against chosen-plaintext attack adversaries. Certificate-based cryptosystem gives a viable way to construct more secure and efficient BEPM schemes. We propose the new concept of anonymous certificate-based broadcast encryption with personalized messages (ANON-CBBE-PM). Subsequently, we illustrate the formal definition and the security model of ANON-CBBE-PM. Furthermore, we present an ANON-CBBE-PM scheme, which solves key escrow problem in identity-based cryptosystem and certificate management problem in traditional public key cryptosystem. Compared with the existing BEPM schemes, the proposed scheme not only protects the privacy of authorized users, but also has advantage in performance. To be more specific, the lengths of the user secret key and the system public parameters, as well as the cost for decryption are constant. For those BEPM applications with a multitude of users whose computing ability is limited, the proposed scheme is more practical. In addition, our scheme simultaneously achieves anonymity and confidentiality under adaptive chosen-ciphertext attack in the standard model.

Published

2020

46. Efficient and Privacy-Preserving Authentication Protocol for Heterogeneous Systems in IIoT

Author

Yan Wu, Hu Xiong, Saru Kumari, and Chuanjie Jin

Subjects

Authentication, Computer Networks and Communications, business.industry, Computer science, 020208 electrical & electronic engineering, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Computer security, computer.software_genre, Computer Science Applications, Random oracle, Privacy preserving, Secure communication, Hardware and Architecture, Authentication protocol, Server, Signal Processing, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, business, computer, Information Systems

Abstract

The Industrial Internet of Things (IIoT) is expected to provide a promising opportunity to revolutionize the production operation of the existing industrial systems by leveraging smart devices. Due to the untrusted nature of communication channels, ensuring data authenticity is a critical challenge. Besides, devices’ privacy and communication heterogeneity raise crucial concerns about the IIoT applications since the existing authentication protocols for the IIoT environment face the potential threats of privacy leakage and cannot achieve secure communication between heterogeneous industrial systems. To address these challenges, this article proposes an efficient privacy-preserving authentication protocol for heterogeneous systems in IIoT using proxy resignature. The presented protocol not only provides heterogeneous communication between ID-based and certificateless-based cryptosystems but also achieves various security requirements. The security of our protocol has been proven based on the extended Computational Diffie–Hellman (eCDH) assumption in the random oracle model. The experimental simulation demonstrates that our protocol is feasible for the IIoT-based environment.

Published

2020

47. An Efficient RFID Authentication Scheme Based on Elliptic Curve Cryptography for Internet of Things

Author

Mustapha Benssalah, Karim Drouiche, and Izza Sarah

Subjects

Cryptographic primitive, Computer science, 020206 networking & telecommunications, Context (language use), 02 engineering and technology, Computer security model, Computer security, computer.software_genre, Computer Science Applications, 0202 electrical engineering, electronic engineering, information engineering, Key (cryptography), Cryptosystem, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, Elliptic curve cryptography, Protocol (object-oriented programming), computer

Abstract

With the rapid development of microelectronics devices and the progress in communication and information technologies, many services and technologies are increasingly involved into our daily life. In fact, as the used systems are progressively interconnected and open, this introduce new threats such as more and more hacking, fraud and many other kinds of misuses. Consequently, the security and privacy of the exchanged data information tampering must be addressed most seriously. In this context, recently Elliptic Curve Cryptography (ECC) is widely used in many cryptosystems nowadays especially for those presenting challenging constraints in terms of power consumption, memory, computational cost, etc. It is well-known that the ECC provides high security level with much smaller key sizes. In this paper, we show that an inappropriate use of ECC cryptographic primitives, the lack of experience in designing secure protocols and the unsuitable choice of security verification tools can destroy the whole security of a given ECC-based scheme. Therefore, first we wreck efficient attacks on three most recent proposed ECC-based protocols published in three of well-known scientific journals. Then, an improved protocol that inherits the strengths of Dinarvand and Barati’s protocol and takes into account the discovered flaws is proposed. Via formal and informal security models, we assess that the improved protocol could deliver all the virtues of Dinarvand and Barati’s protocol and resists all known attacks.

Published

2020

48. Decentralized Public Key Infrastructures atop Blockchain

Author

Nadra Guizani, Chunwei Lou, Yong Yu, Yannan Li, and Lianhai Wang

Subjects

Public key certificate, Computer Networks and Communications, business.industry, Computer science, 020206 networking & telecommunications, Public key infrastructure, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Public-key cryptography, Bulletin board, Digital signature, Hardware and Architecture, Certificate authority, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, business, computer, Software, Information Systems

Abstract

The public key infrastructure (PKi) has been widely adopted to create, manage, distribute, store and revoke digital certificates, which plays an important role in bootstrapping secure communications. A PKi system authenticates entities with the corresponding public keys and it lays the security foundation for public-key cryptosystems in public-key encryption and digital signatures. However, traditional PKi systems suffer from security breaches, such as single-point-offailure and man-in-the-middle attacks due to the existence of a centralized certificate authority. in this article, we review the traditional centralized PKi system as well as the subjected security concerns, and then we propose possible solutions to address these issues with the emerging blockchain technology. Two frameworks are presented where blockchain is utilized as a public bulletin board or trusted majority. We implement the functions to evaluate the off-chain time costs and on-chain gas costs of the proposal, which demonstrate the feasibility and practicality of the proposal.

Published

2020

49. Implementasi Kriptografi Untuk Keamanan File Text Dengan Menggunakan Metode MD5

Author

Hasanul Fahmi and Ahmad Zaki Fadilla Rangkuti

Subjects

business.industry, Computer science, Data security, Cryptography, Plaintext, Data_CODINGANDINFORMATIONTHEORY, Computer security, computer.software_genre, Encryption, MD5, Ciphertext, Code (cryptography), Cryptosystem, business, computer

Abstract

Technological developments, especially in data security systems in maintaining data information security, have developed rapidly. In maintaining the security of information data, there are branches of science in its development such as cryptography. Cryptography is both the science and the art of maintaining the security of messages obtained by encoding messages to become meaningless. There are two processes in cryptography, namely encryption and decryption. To be able to secure the text file, an encryption process is carried out by changing an original text message that can be understood (plaintext) into a message that has no meaning (ciphertext) which aims to prevent the message from being known by others. Decryption is the process of returning or changing incomprehensible text code (ciphertext) into original text that can be understood (plaintext). To secure the file, the MD5 method algorithm is implemented. With that, a cryptosystem application program that is used to secure text files is created so that only certain people can process the files..

Published

2020

50. Efficient ciphertext-policy attribute-based encryption with blackbox traceability

Author

Jiaming Yuan, Ximeng Liu, Yinghui Zhang, Yingjiu Li, Zuobin Ying, Shengmin Xu, and Guowen Xu

Subjects

Scheme (programming language), Information Systems and Management, Traceability, Computer science, Data_CODINGANDINFORMATIONTHEORY, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Theoretical Computer Science, Artificial Intelligence, Traitor tracing, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, computer.programming_language, business.industry, 05 social sciences, Fingerprint (computing), 050301 education, Computer Science Applications, Control and Systems Engineering, 020201 artificial intelligence & image processing, Attribute-based encryption, business, 0503 education, computer, Software

Abstract

Traitor tracing scheme is a paradigm to classify the users who illegal use of their decryption keys in cryptosystems. In the ciphertext-policy attribute-based cryptosystem, the decryption key usually contains the users’ attributes, while the real identities are hidden. The decryption key with hidden identities enables malicious users to intentionally leak decryption keys or embed the decryption keys in the decryption device to gain illegal profits with a little risk of being discovered. To mitigate this problem, the concept of blackbox traceability in the ciphertext-policy attribute-based scheme was proposed to identify the malicious user via observing the I/O streams of the decryption device. However, current solutions with blackbox traceability are impractical since either the composite-order group or the linear complexity of system users is required. In this article, we proposed a secure ciphertext-policy attribute-based set encryption scheme with the short decryption key. The proposed scheme bases on the prime-order group to improve computational performances and aggregates multiple attributes into a constant-size attribute set to reduce the costs of communication overheads. By applying our proposed scheme with fingerprint codes, we then give an instantiation of the ciphertext-policy attribute-based scheme with blackbox traceability. Our scheme is provably secure under various q-type assumptions.

Published

2020