Your search keyword '"56-bit encryption"' showing total 2,025 results

151. AES Based Text Encryption Using 12 Rounds with Dynamic Key Selection

Author

Rajesh Bansode and Nishtha Mathur

Subjects

Key Wrap, Plaintext-aware encryption, Computer science, Encryption, Key distribution, Data security, Cryptography, 02 engineering and technology, Computer security, computer.software_genre, Public-key cryptography, Watermarking attack, Countermeasures, Hybrid algorithm, 0202 electrical engineering, electronic engineering, information engineering, ECC, Cryptosystem, Hybrid cryptosystem, Side channel attack, Decryption, General Environmental Science, Key size, Key generation, AES, business.industry, Key space, Advanced Encryption Standard, 020206 networking & telecommunications, Information security, Deterministic encryption, Power analysis, Timing attack, Symmetric-key algorithm, Probabilistic encryption, Security, 40-bit encryption, Key (cryptography), 56-bit encryption, General Earth and Planetary Sciences, 020201 artificial intelligence & image processing, Attribute-based encryption, On-the-fly encryption, business, computer

Abstract

Data security has a major role in the development of communication system, where more randomization in the secret keys increases the security as well as the complexity of the cryptography algorithms. In the recent years network security has become an important concern. Cryptography plays a vital role in the information security system against various attacks. Efficient and newer versions of cryptography techniques can help to reduce this security threat. The Advanced Encryption Standard is a strong symmetric key cryptographic algorithm which uses a number of table look ups to increase its performance. The Cache Timing Attack correlates the timing details for encryption under a known key with an unknown key to infer the unknown key. This paper proposes an extension of a public-key cryptosystem to support a private key cryptosystem which is a combination of Advanced Encryption Standard and ECC. The past results have been computed on the basis of AES key length as 128 bit and no. of iterations as 10.To increase competency and to minimize drawbacks this paper proposes a hybrid encryption scheme. The parameters to be studied will primarily focus on the key length, no. of iterations and the type of side channel attack to be implemented. The key length for this work has been increased to 192 bit and the no. of iterations taken will be 12.

Published

2016

152. Secure and Private Cloud-Based Control Using Semi-Homomorphic Encryption**The work was, in part, supported by a McKenzie Fellowship, ARC grant LP130100605, and Defence Science and Technology Group through the Research Agreement My IP:6288

Author

Iman Shames, Nathan Batterham, and Farhad Farokhi

Subjects

0209 industrial biotechnology, Plaintext-aware encryption, Computer science, Distributed computing, 02 engineering and technology, Encryption, computer.software_genre, Disk encryption hardware, Paillier cryptosystem, Multiple encryption, 020901 industrial engineering & automation, Filesystem-level encryption, Computer Science::Multimedia, 0202 electrical engineering, electronic engineering, information engineering, Computer Science::Cryptography and Security, business.industry, Client-side encryption, Homomorphic encryption, 020206 networking & telecommunications, Disk encryption theory, Deterministic encryption, Bus encryption, Computer engineering, Disk encryption, Control and Systems Engineering, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Link encryption, Attribute-based encryption, On-the-fly encryption, business, computer

Abstract

Networked control systems with encrypted sensors measurements is considered. Semi-homomorphic encryption is used so that the controller can perform the required computation on the encrypted data. Specifically, in this paper, the Paillier encryption technique is utilized that allows summation of decrypted data to be performed by multiplication of the encrypted data. Conditions on the parameters of the encryption technique are provided that guarantee the stability of the closed-loop system and ensure certain bounds on the closed-loop performance.

Published

2016

153. FPGA Implementation of Non-Linear Cryptography

Author

G. Seetharaman, Thammampatti Natarajan Prabakar, and Balasubramanian Lakshmi

Subjects

Key generation, business.industry, Computer science, Key space, General Engineering, Key distribution, Cryptography, 0102 computer and information sciences, 02 engineering and technology, Encryption, 01 natural sciences, 020202 computer hardware & architecture, Brute-force attack, Computer engineering, 010201 computation theory & mathematics, Embedded system, 0202 electrical engineering, electronic engineering, information engineering, 56-bit encryption, Side channel attack, business

Abstract

The paper focuses on the design and Field Programmable Gate Array (FPGA) implementation of embedded system for time based dual encryption scheme with Delay Compulsion Function (DCF) and also illustrates the application of DCF in time based cryptography. Further, the strength of the time based FPGA encryption algorithm with and without using DCF is analyzed using a Nios II processor. This proposed scheme enhances the security of vital data against Brute force attack by incorporating a temporal key distribution where two different keys encrypt the data simultaneously, one being the regular key and the other being the time. The time is included using a dynamically varying number of shifts thereby allowing the system to wait for the duration and this forms the second dimension of the key. Presently, available encryption systems suffer from Brute Force attack in which all the key combinations are tried in order to find the correct key. In such a case, the time taken for breaking the key depends on the speed of the system used for cryptanalysis. The proposed system adds complexity by using dynamically varying sequence of operations, by including the time as a second dimension of the key besides minimizing the possibility of Brute Force attack and increasing the time required for cryptanalysis irrespective of the system capability. As the proposed system needs concurrent execution and real time processing, the system is implemented using Altera Stratix II FPGA and the results are presented.

Published

2016

154. On the Security of a Universal Cryptocomputer: the Chosen Instruction Attack

Author

Peter Schartner and Stefan Rass

Subjects

Plaintext-aware encryption, Theoretical computer science, General Computer Science, Computer science, Cryptography, 02 engineering and technology, security, Encryption, computer.software_genre, Computer security, Disk encryption hardware, Watermarking attack, Multiple encryption, side-channel attack, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, General Materials Science, applied cryptography, Private function evaluation, business.industry, General Engineering, Homomorphic encryption, Client-side encryption, 020206 networking & telecommunications, Disk encryption theory, Deterministic encryption, Ciphertext indistinguishability, Disk encryption, Symmetric-key algorithm, Probabilistic encryption, 56-bit encryption, 40-bit encryption, 020201 artificial intelligence & image processing, Link encryption, Attribute-based encryption, lcsh:Electrical engineering. Electronics. Nuclear engineering, On-the-fly encryption, business, Ciphertext-only attack, computer, lcsh:TK1-9971

Abstract

The ultimate goal of private function evaluation is the complete outsourcing of processing tasks to distrusted platforms (such as clouds), so that arbitrary functions can be evaluated without any leakage of secret information. Several successful concepts have been proposed in the past, the most striking one having been fully homomorphic encryption besides the well-known garbled circuits and multiparty computation. In this paper, we look at an idealized model of outsourced computation, which we call a cryptocomputer . This is a (theoretical) machine that works exactly like a real-life computer in the sense of understanding a standard assembly language, but retaining all its internal signals, registers, and memory encrypted at all times. The encryption is assumed under a key that is unknown to the attacker, and taken as secure (in any cryptographically meaningful way), so that no leakage of information from any ciphertext can be expected from programs with reasonable (polynomial) time complexity. Unfortunately, such a cryptocomputer is necessarily insecure, irrespectively of how the encryption looks like. In particular, we explicitly do not assume any specific form of security (chosen-ciphertext or other) or (a)symmetry of encryption; our attack works only on ciphertexts and makes no assumptions whatsoever on the encryption. We prove insecurity of the cryptocomputer by taking the encryption as a black box, and show how to decipher every signal in the computer by pure virtue of submitting proper instructions for execution. Our attack falls into the general category of side-channel attacks, however unlike other related attacks, does neither exploit physical nor any logical characteristics of the underlying platform (besides the execution flow being observable). Somewhat surprisingly, it turns out that although the problem that we consider is cryptographic, it seemingly has no cryptographic solution and apparently calls for an interdisciplinary approach from new directions.

Published

2016

155. An Enhanced Image Encryption Scheme using 16 Byte Key

Author

Shradha Suryawanshi and Pankaj Kumar Sahu

Subjects

Theoretical computer science, Computer science, business.industry, ComputingMethodologies_IMAGEPROCESSINGANDCOMPUTERVISION, General Engineering, computer.software_genre, Encryption, Multiple encryption, Filesystem-level encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Attribute-based encryption, Data mining, On-the-fly encryption, business, computer

Abstract

Nowadays, security and privacy has become one of the primary issues in data storage and transmission. In the age of multimedia, images are widely used in business, advertising and promotions. Therefore the protection of images from unauthorized access is important. Image encryption plays a significant role in the field of information hiding. In this article, we introduce a chaos based image encryption technique using method of shuffled operations. This technique uses 128-bit private key for encryption. Performance of proposed image encryption scheme is compared with the existing inter pixel displacement image encryption scheme. Performance evaluation reveals that proposed scheme performs better than existing scheme in terms of entropy of encrypted image.

Published

2015

156. Revocable Quantum Timed-Release Encryption

Author

Dominique Unruh

Subjects

Theoretical computer science, business.industry, Client-side encryption, computer.software_genre, Encryption, Multiple encryption, Filesystem-level encryption, Artificial Intelligence, Hardware and Architecture, Control and Systems Engineering, Probabilistic encryption, 56-bit encryption, 40-bit encryption, On-the-fly encryption, business, computer, Software, Information Systems, Mathematics

Abstract

Timed-release encryption is a kind of encryption scheme in which a recipient can decrypt only after a specified amount of time T (assuming that we have a moderately precise estimate of his computing power). A revocable timed-release encryption is one where, before the time T is over, the sender can “give back” the timed-release encryption, provably loosing all access to the data. We show that revocable timed-release encryption without trusted parties is possible using quantum cryptography (while trivially impossible classically). Along the way, we develop two proof techniques in the quantum random oracle model that we believe may have applications also for other protocols. Finally, we also develop another new primitive, unknown recipient encryption , which allows us to send a message to an unknown/unspecified recipient over an insecure network in such a way that at most one recipient will get the message.

Published

2015

157. Dual trapdoor identity-based encryption with keyword search

Author

Xinyi Huang, Junzuo Lai, and Jia-Nan Liu

Subjects

Computer science, 02 engineering and technology, computer.software_genre, Encryption, Computer security, Theoretical Computer Science, Public-key cryptography, Multiple encryption, Filesystem-level encryption, 0202 electrical engineering, electronic engineering, information engineering, Cryptographic primitive, business.industry, Client-side encryption, 020206 networking & telecommunications, Computer security model, Probabilistic encryption, 56-bit encryption, 40-bit encryption, 020201 artificial intelligence & image processing, Geometry and Topology, Link encryption, On-the-fly encryption, business, Cloud storage, computer, Software

Abstract

Identity-based encryption with keyword search (IBEKS) is a useful cryptographic primitive for cloud computing, i.e., it allows a data owner to encrypt and store his data in a cloud storage server, and later the owner can use his/her private key to produce a search trapdoor for searching the encrypted data. Existing IBEKS schemes only focus on supporting efficient and complex queries for the private key holder, while the authority, who is in charge of the generation of the private keys for users, cannot efficiently search the encrypted data. However, some applications might require the authority to efficiently search the encrypted data intended for any user. To address this problem, in this paper, we introduce a new primitive named dual trapdoor identity-based encryption with keyword search (DTIBEKS). In this primitive, the authority can use a peculiar way to produce one more trapdoor, which allows the authority to search any identity's encrypted data. We formally give the definition and security model for DTIBEKS, and then propose a novel DTIBEKS scheme. We further prove the security of our proposed DTIBEKS without random oracles. It is worth noting that our scheme can be easily transformed into identity-based encryption with fuzzy keyword search.

Published

2015

158. Public key encryption secure against related-key attacks and key-leakage attacks from extractable hash proofs

Author

Pengtao Liu, Chengyu Hu, and Shanqing Guo

Subjects

Key Wrap, General Computer Science, Computer science, Hash function, Key distribution, 0102 computer and information sciences, 02 engineering and technology, Encryption, computer.software_genre, Computer security, 01 natural sciences, Secure Hash Standard, Public-key cryptography, Multiple encryption, 0202 electrical engineering, electronic engineering, information engineering, Cryptographic hash function, Key encapsulation, Pre-shared key, Authentication, business.industry, Computer security model, Adversary, 010201 computation theory & mathematics, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Hash chain, 020201 artificial intelligence & image processing, Homomorphism, Attribute-based encryption, On-the-fly encryption, business, computer

Abstract

Public-key encryption (PKE) can be used in cloud system to protect data in data sharing, identity authentication, etc. However, the security model of traditional PKE does not capture the “key-leakage attacks” which can leak partial information about the secret key. Also, the adversary can inject fault to tamper with the secret key and observe the output of the public key encryption scheme under this modified key which is called “related-key attack”. In this paper, we present a method to construct public key encryption schemes secure against both weak key-leakage attacks and affine related-key attacks directly from extractable hash proof systems. Specifically, we first add Key Homomorphism and Fingerprinting properties to all-but-one (ABO) extractable hash proofs and construct a key encapsulation mechanism scheme secure against related-key attacks via it and thus public key encryption scheme secure against related-key attacks. Also, we prove that if the based ABO-extractable hash proof with Key Homomorphism and Fingerprinting properties is weak leakage-resilient, then the key encapsulation mechanism scheme constructed from it is weak leakage-resilient and related-key attack secure. Moreover, we propose a public key encryption scheme secure against affine related-key attacks based on lattice.

Published

2015

159. WSES: HIGH SECURED DATA ENCRYPTION AND AUTHENTICATION USING WEAVING, ROTATION AND FLIPPING

Author

A. Yesu Raja and S. Arumuga Perumal

Subjects

Weaving, Theoretical computer science, lcsh:Computer engineering. Computer hardware, Hash, Computer science, Data Security, Encryption, lcsh:TK7885-7895, computer.software_genre, Multiple encryption, Flipped Matrix, Filesystem-level encryption, ENTN, lcsh:T58.5-58.64, business.industry, lcsh:Information technology, WSES, Probabilistic encryption, REM, 56-bit encryption, 40-bit encryption, XOR, Decryption, Link encryption, On-the-fly encryption, business, computer, Computer hardware

Abstract

Data security is the very important part in the network data communication. Avoidance of the information hacking and steeling are very challenging part for network data communication. Now-a-days people are using many encryption and decryption techniques for data security. But all encryption and decryption techniques are having more time occupation or less security for the process. This paper proposed high level security approach to encryption and decryption for data security. Two levels of securities are used in this proposed method. First one is data encryption and the second one is hash value generation. The proposed Weaving based Superior Encryption Standard (WSES) uses a novel weaving based approach. The weaving array generation is done by Elementary Number Theory Notation (ENTN) method. The weaving array has multiple private keys for XOR encryption. After encryption the error value is extracted from the encrypted array and weaving array. This error value is sent to the other side. The novel approach for hash value generation uses the encrypted array. After encryption, the encrypted array is rotated into four degrees and each degree data are converted to vector format and arranged on by one under the vector. Finally a 2D Rotational Encryption Matrix (REM) is obtained. After this process a REM copy is converted to mirror flip and it is need as Flipped Matrix (FM). The FM is concatenated under the REM and converted to vector using the zigzag operation. Finally this process gives two bytes hash value from the vector. This proposed method executes very fast and provide high security. This method is much reliable to small size applications and also used for any type of data security.

Published

2015

160. Data Security and Privacy in Cloud Computing Using Different Encryption Algorithms

Author

Papri Ghosh, Vishal Thakor, and Pravin Bhathawala

Subjects

Cloud computing security, Privacy software, business.industry, Computer science, Client-side encryption, Data security, Encryption, Computer security, computer.software_genre, Disk encryption hardware, 56-bit encryption, 40-bit encryption, business, computer, Computer network

Published

2017

161. On Ends-to-Ends Encryption

Author

Katriel Cohn-Gordon, Cas Cremers, Jon Millican, Luke Garratt, and Kevin Milner

Subjects

Provable security, 021110 strategic, defence & security studies, Computer science, business.industry, 0211 other engineering and technologies, 020206 networking & telecommunications, 02 engineering and technology, Adversary, Cryptographic protocol, Encryption, Computer security, computer.software_genre, Off-the-Record Messaging, Symmetric-key algorithm, End-to-end encryption, Asynchronous communication, Secure messaging, 0202 electrical engineering, electronic engineering, information engineering, 56-bit encryption, Link encryption, business, computer, Key exchange

Abstract

In the past few years secure messaging has become mainstream, with over a billion active users of end-to-end encryption protocols such as Signal. The Signal Protocol provides a strong property called post-compromise security to its users. However, it turns out that many of its implementations provide, without notification, a weaker property for group messaging: an adversary who compromises a single group member can read and inject messages indefinitely. We show for the first time that post-compromise security can be achieved in realistic, asynchronous group messaging systems. We present a design called Asynchronous Ratcheting Trees (ART), which uses tree-based Diffie-Hellman key exchange to allow a group of users to derive a shared symmetric key even if no two are ever online at the same time. ART scales to groups containing thousands of members, while still providing provable security guarantees. It has seen significant interest from industry, and forms the basis for two draft IETF RFCs and a chartered working group. Our results show that strong security guarantees for group messaging are practically achievable in a modern setting.

Published

2018

162. Cryptanalyzing an image encryption algorithm based on autoblocking and electrocardiography\ud

Author

Feng Hao, Jinhu Lu, Chengqing Li, and Dongdong Lin

Subjects

FOS: Computer and information sciences, Theoretical computer science, Computer Science - Cryptography and Security, Computer science, 02 engineering and technology, computer.software_genre, Encryption, 01 natural sciences, QA76, Multiple encryption, Filesystem-level encryption, 0103 physical sciences, 0202 electrical engineering, electronic engineering, information engineering, Media Technology, QA, 010301 acoustics, business.industry, Computer Science Applications, TA, Hardware and Architecture, Probabilistic encryption, Signal Processing, 40-bit encryption, 56-bit encryption, 020201 artificial intelligence & image processing, Attribute-based encryption, On-the-fly encryption, business, computer, Cryptography and Security (cs.CR), 94A60, Software

Abstract

This paper analyzes the security of an image encryption algorithm proposed by Ye and Huang [\textit{IEEE MultiMedia}, vol. 23, pp. 64-71, 2016]. The Ye-Huang algorithm uses electrocardiography (ECG) signals to generate the initial key for a chaotic system and applies an autoblocking method to divide a plain image into blocks of certain sizes suitable for subsequent encryption. The designers claimed that the proposed algorithm is "strong and flexible enough for practical applications". In this paper, we perform a thorough analysis of their algorithm from the view point of modern cryptography. We find it is vulnerable to the known plaintext attack: based on one pair of a known plain-image and its corresponding cipher-image, an adversary is able to derive a mask image, which can be used as an equivalent secret key to successfully decrypt other cipher-images encrypted under the same key with a non-negligible probability of 1/256. Using this as a typical counterexample, we summarize security defects in the design of the Ye-Huang algorithm. The lessons are generally applicable to many other image encryption schemes., 8 pages, 6 figures

Published

2018

163. On the security of a class of diffusion mechanisms for image encryption

Author

Gianluca Setti, Leo Yu Zhang, Fabio Pareschi, Yushu Zhang, Kwok-Wo Wong, Yuansheng Liu, Riccardo Rovatti, DIP. DI ELETTRONICA,INFORMATICA,SISTEMISTICA-DEIS, DIPARTIMENTO DI INGEGNERIA DELL'ENERGIA ELETTRICA E DELL'INFORMAZIONE 'GUGLIELMO MARCONI', Facolta' di INGEGNERIA, Da definire, AREA MIN. 09 - Ingegneria industriale e dell'informazione, Zhang, Leo Yu, Liu, Yuansheng, Pareschi, Fabio, Zhang, Yushu, Wong, Kwok-Wo, Rovatti, Riccardo, and Setti, Gianluca

Subjects

Cryptanalysis, Diffusion, Image encryption, Plaintext attack, Software, Control and Systems Engineering, Information Systems, Human-Computer Interaction, Computer Science Applications, Computer Vision and Pattern Recognition, Electrical and Electronic Engineering, FOS: Computer and information sciences, Computer Science - Cryptography and Security, Theoretical computer science, Computer science, Cryptography, Information System, 02 engineering and technology, Encryption, law.invention, Multiple encryption, law, Computer Science Applications1707 Computer Vision and Pattern Recognition, 0202 electrical engineering, electronic engineering, information engineering, Cryptosystem, Artificial Intelligence & Image Processing, Key schedule, Computer Science::Cryptography and Security, Cryptographic primitive, Deterministic encryption, Image encryption, Cryptanalysis, Diffusion, Plaintext attack, Permutation, Deniable encryption, Symmetric-key algorithm, 56-bit encryption, 020201 artificial intelligence & image processing, Cryptography and Security (cs.CR), Key Wrap, Plaintext-aware encryption, Differential cryptanalysis, Permutation, NO, Watermarking attack, Block cipher, business.industry, 020206 networking & telecommunications, Plaintext, Ciphertext indistinguishability, Probabilistic encryption, 40-bit encryption, Key (cryptography), business, Ciphertext-only attack

Abstract

The need for fast and strong image cryptosystems motivates researchers to develop new techniques to apply traditional cryptographic primitives in order to exploit the intrinsic features of digital images. One of the most popular and mature technique is the use of complex ynamic phenomena, including chaotic orbits and quantum walks, to generate the required key stream. In this paper, under the assumption of plaintext attacks we investigate the security of a classic diffusion mechanism (and of its variants) used as the core cryptographic rimitive in some image cryptosystems based on the aforementioned complex dynamic phenomena. We have theoretically found that regardless of the key schedule process, the data complexity for recovering each element of the equivalent secret key from these diffusion mechanisms is only O(1). The proposed analysis is validated by means of numerical examples. Some additional cryptographic applications of our work are also discussed., Comment: 16 pages, 7 figures

Published

2018

164. Securely outsourcing the ciphertext-policy attribute-based encryption

Author

Kim Nguyen, Nouha Oualha, Maryline Laurent, Services répartis, Architectures, MOdélisation, Validation, Administration des Réseaux (SAMOVAR), Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP), Laboratoire d'Intégration des Systèmes et des Technologies (LIST), Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA), Centre National de la Recherche Scientifique (CNRS), Département Intelligence Ambiante et Systèmes Interactifs (DIASI), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Université Paris-Saclay, Réseaux, Systèmes, Services, Sécurité (R3S-SAMOVAR), Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP)-Institut Mines-Télécom [Paris] (IMT)-Télécom SudParis (TSP), Département Réseaux et Services de Télécommunications (RST), Laboratoire d'Intégration des Systèmes et des Technologies (LIST (CEA)), and Département Réseaux et Services de Télécommunications (TSP - RST)

Subjects

Plaintext-aware encryption, Computer Networks and Communications, Computer science, Access control, 02 engineering and technology, Data_CODINGANDINFORMATIONTHEORY, computer.software_genre, Encryption, Computer security, Disk encryption hardware, Public-key cryptography, Multiple encryption, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], [INFO.INFO-NI]Computer Science [cs]/Networking and Internet Architecture [cs.NI], Email encryption, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, Security rules, Secure outsourcing, business.industry, Sensors, Authorization, Client-side encryption, 020207 software engineering, Adversary, Disk encryption theory, C program, Bus encryption, Deterministic encryption, Disk encryption, Hardware and Architecture, Probabilistic encryption, Privacy, 40-bit encryption, 56-bit encryption, Keyfile, 020201 artificial intelligence & image processing, Attribute-based encryption, Link encryption, On-the-fly encryption, business, computer, Software

Abstract

Attribute-based Encryption (ABE) is a new and promising public key encryption that allows fine-grained authorization on data based on user attributes. Such property is favorable for multiple applications that require encrypted storage or access control on data, in particular: eHealth applications. However, ABE schemes are known not to be efficient in the encryption phase because ciphertext size and the time required to encrypt grow with the complexity of the access policy. Such drawback is critical in the context of pervasive computing, for instance, in the Internet of Things, where data producers are usually resource-constrained devices, e.g. smart phones or sensing platforms. In this work, we propose OEABE standing for Outsourcing mechanism for the Encryption of Ciphertext-Policy ABE (CP-ABE). We show how a user can offload expensive operations of CP-ABE encryption to a semi-trusted party in a secure manner. Our proposed mechanism requires only one exponentiation on resource-constrained devices. We provide also an informal security analysis of possible attacks from a semi-honest adversary against the proposed solution. To demonstrate the performance gains of our mechanism, we first conducted a performance estimation on an emulated Wismote sensor platform. Then, we implemented our proposal and did comparison to an existing implementation of CP-ABE on a laptop.

Published

2018

165. AES datapath optimization strategies for low-power low-energy multisecurity-level internet-of-things applications

Author

Diego Puschini, Edith Beigne, Xuan-Tu Tran, Simone Bacles-Min, Duy-Hieu Bui, Commissariat à l'énergie atomique et aux énergies alternatives - Laboratoire d'Electronique et de Technologie de l'Information (CEA-LETI), Direction de Recherche Technologique (CEA) (DRT (CEA)), Commissariat à l'énergie atomique et aux énergies alternatives (CEA)-Commissariat à l'énergie atomique et aux énergies alternatives (CEA), and Vietnam National University [Hanoï] (VNU)

Subjects

business.industry, Computer science, 020208 electrical & electronic engineering, Advanced Encryption Standard, AES implementations, 02 engineering and technology, Energy consumption, Encryption, 020202 computer hardware & architecture, [SPI]Engineering Sciences [physics], Hardware and Architecture, Embedded system, Datapath, 0202 electrical engineering, electronic engineering, information engineering, 56-bit encryption, Key (cryptography), 40-bit encryption, Electrical and Electronic Engineering, business, Software, Block cipher

Abstract

International audience; Connected devices are getting attention because of the lack of security mechanisms in current Internet-of-Thing (IoT) products. The security can be enhanced by using standardized and proven-secure block ciphers as advanced encryption standard (AES) for data encryption and authentication. However, these security functions take a large amount of processing power and power/energy consumption. In this paper, we present our hardware optimization strategies for AES for high-speed ultralow-power ultralow-energy IoT applications with multiple levels of security. Our design supports multiple security levels through different key sizes, power and energy optimization for both datapath and key expansion. The estimated power results show that our implementation may achieve an energy per bit comparable with the lightweight standardized algorithm PRESENT of less than 1 pJ/b at 10 MHz at 0.6 V with throughput of 28 Mb/s in ST FDSOI 28-nm technology. In terms of security evaluation, our proposed datapath, 32-b key out of 128 b cannot be revealed by correlation power analysis attack using less than 20 000 traces.

Published

2017

166. A Secure Encryption/Decryption Technique using Transcendental Number

Author

M. Ranjith Kumar and Sanjeev Kumar

Subjects

Theoretical computer science, business.industry, Computer science, Encryption, Computer security, computer.software_genre, Multiple encryption, Filesystem-level encryption, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Attribute-based encryption, On-the-fly encryption, business, computer

Abstract

The rapid change in communication and network technology makes the transfer of secret message/information through insecure channel highly vulnerable. Hence the security of information exchanged becomes a critical and imperative issue. Towards this direction, we examine the new encryption/decryption technique with digital signature using the decimal expansion of transcendental number is obtained.

Published

2015

167. Robust stream-cipher mode of authenticated encryption for secure communication in wireless sensor network

Author

Prosanta Gope and Tzonelih Hwang

Subjects

Authenticated encryption, Computer Networks and Communications, Computer science, business.industry, Data_MISCELLANEOUS, 020206 networking & telecommunications, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Multiple encryption, Filesystem-level encryption, Probabilistic encryption, 0202 electrical engineering, electronic engineering, information engineering, 56-bit encryption, 40-bit encryption, 020201 artificial intelligence & image processing, On-the-fly encryption, business, computer, Information Systems, Computer network

Abstract

Authenticated Encryption is a cryptographic process of providing confidentiality and integrity protection of messages in a single pass without any support of conventional checksum, Message Authentication Code MAC, or hash function. In this paper, at first, we show that how to construct the stream-cipher-based Authenticated Encryption environment, where the key-stream is generated from any secure block algorithm like Advanced Encryption Standard. In order to do that, we introduce two stream-cipher modes of Authenticated Encryption, namely, PFC-CTR Counter-based Authenticated Encryption environment and PFC-OCB OCB-based Authenticated Encryption environment, which are quite robust against several active attacks, for example, message stream modification attacks, known-plain-text attacks, and chosen-plain-text attacks, and at the same time, they can also efficiently deal with some other issues like "limited error propagation" existing in several conventional stream-cipher modes of operation like Cipher Feedback, Output Feedback, and Counter. Finally, we enforce the concept of Authenticated Encryption in the sense of data communication security of the wireless sensor network WSN, Global Mobility Networks GLOMONET, and Cloud Computing environment, where only encryption can guarantee both the privacy and integrity in a single pass with the assurance of reasonable computational overhead. Copyright © 2015 John Wiley & Sons, Ltd.

Published

2015

168. Properties of gsw and their applications

Author

Tan Zhenlin, Zhou Tanping, Zhang Wei, and Yang Xiaoyuan

Subjects

Scheme (programming language), Theoretical computer science, Computer Networks and Communications, Computer science, business.industry, Homomorphic encryption, Cryptographic protocol, Encryption, Probabilistic encryption, 56-bit encryption, Electrical and Electronic Engineering, business, Algorithm, computer, computer.programming_language

Abstract

In CRYPTO'13, Gentry et al. proposed a fully homomorphic encryption scheme, called GSW. We find that the scheme has three special properties, which are not sufficiently recognized and applied in current literatures.

Published

2015

169. A secure and efficient Ciphertext-Policy Attribute-Based Proxy Re-Encryption for cloud data sharing

Author

Man Ho Au, Kaitai Liang, Joseph K. Liu, Willy Susilo, Anjia Yang, Yong Yu, Guomin Yang, and Duncan S. Wong

Subjects

Delegate, Plaintext-aware encryption, Computer Networks and Communications, Computer science, Cryptography, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Multiple encryption, Malleability, Filesystem-level encryption, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, Functional encryption, Key generation, Cryptographic primitive, business.industry, Client-side encryption, 020206 networking & telecommunications, Proxy re-encryption, Deterministic encryption, Ciphertext indistinguishability, Hardware and Architecture, Probabilistic encryption, 56-bit encryption, 40-bit encryption, 020201 artificial intelligence & image processing, Attribute-based encryption, On-the-fly encryption, business, Semantic security, computer, Software, Computer network

Abstract

Proxy Re-Encryption (PRE) is a useful cryptographic primitive that allows a data owner to delegate the access rights of the encrypted data stored on a cloud storage system to others without leaking the information of the data to the honest-but-curious cloud server. It provides effectiveness for data sharing as the data owner even using limited resource devices (e.g. mobile devices) can offload most of the computational operations to the cloud. Since its introduction many variants of PRE have been proposed. A Ciphertext-Policy Attribute-Based Proxy Re-Encryption (CP-ABPRE), which is regarded as a general notion for PRE, employs the PRE technology in the attribute-based encryption cryptographic setting such that the proxy is allowed to convert an encryption under an access policy to another encryption under a new access policy. CP-ABPRE is applicable to many network applications, such as network data sharing. The existing CP-ABPRE systems, however, leave how to achieve adaptive CCA security as an interesting open problem. This paper, for the first time, proposes a new CP-ABPRE to tackle the problem by integrating the dual system encryption technology with selective proof technique. Although the new scheme supporting any monotonic access structures is built in the composite order bilinear group, it is proven adaptively CCA secure in the standard model without jeopardizing the expressiveness of access policy. We further make an improvement for the scheme to achieve more efficiency in the re-encryption key generation and re-encryption phases. This paper proposes a new Ciphertext-Policy Attribute-Based Proxy Re-Encryption scheme.The scheme is proved adaptively chosen ciphertext secure by leveraging dual system encryption technology and selective proof technique.The paper also proposes an improvement for re-encryption key generation and re-encryption phases so as to reduce computational and communication cost.

Published

2015

170. Efficient selective image encryption

Author

Ahmed M. Ayoup, Mahmoud A. Attia, and Amr H. Hussein

Subjects

Plaintext-aware encryption, Computer Networks and Communications, business.industry, Computer science, Encryption software, Advanced Encryption Standard, AES implementations, 020206 networking & telecommunications, 020207 software engineering, 02 engineering and technology, Encryption, Disk encryption hardware, Disk encryption theory, Deterministic encryption, Multiple encryption, Computer engineering, Hardware and Architecture, Probabilistic encryption, 0202 electrical engineering, electronic engineering, information engineering, Media Technology, 56-bit encryption, 40-bit encryption, business, Algorithm, Software

Abstract

Selective image encryption has a significant importance in many applications as it offers significant savings in computations, cost, and time. Many attempts are exerted for this purpose as the traditional full image encryption/decryption algorithms may be too massive. In this paper, a new technique for selective image encryption is developed. The algorithm is based on a combination between the pseudo random number sequences, Arnold permutation, and the advanced encryption standard technique. The proposed technique is intended to reduce the execution time of the encryption process and increase the robustness of the encrypted image.

Published

2015

171. The image encryption algorithm with plaintext-related shuffling

Author

Yong Zhang

Subjects

Theoretical computer science, Computer science, business.industry, 020207 software engineering, Plaintext, Data_CODINGANDINFORMATIONTHEORY, 02 engineering and technology, computer.software_genre, Encryption, Multiple encryption, Filesystem-level encryption, Probabilistic encryption, 0202 electrical engineering, electronic engineering, information engineering, 40-bit encryption, 56-bit encryption, 020201 artificial intelligence & image processing, Electrical and Electronic Engineering, On-the-fly encryption, business, computer, Algorithm

Abstract

This paper proposed a plaintext-related image encryption system, which employed the hyper-chaotic system to generate the secret code streams used for encryption. The encryption algorithm includes two plaintext-unrelated diffusion operations and one plaintext-related shuffling. Due to the use of plaintext-related shuffling, the proposed encryption system can resist the chosen/known plaintext attacks. Simulation results show that the proposed system has many good characters, such as fast encryption speed, large key space, high key sensitivity, effectively resisting differential attack, noise-like cipher-text image, etc., and thus can be used in actual communications.

Published

2015

172. Efficient and secure multi-functional searchable symmetric encryption schemes

Author

Lidong Han, Siu Ming Yiu, and Changhui Hu

Subjects

Information retrieval, Database, Computer Networks and Communications, business.industry, Computer science, Nearest neighbor search, Client-side encryption, 02 engineering and technology, computer.software_genre, Encryption, Inverted index, Probabilistic encryption, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 56-bit encryption, 40-bit encryption, 020201 artificial intelligence & image processing, On-the-fly encryption, business, computer, Information Systems

Abstract

There is an increasing trend for data owners to outsource their data to an untrusted cloud provider. Besides providing the storage for the data, the service provider could allow the data owner or authorized clients to search over the data. To guarantee the data secure, the owner must encrypt his or her data before sending to the cloud. However, traditional encryption does not allow searching without decrypting the data. Searchable symmetric encryption is one approach that allows users to search over the encrypted data. For data applications, various different functional search have been proposed, such as wildcard search, similarity keyword search and fuzzy keyword search. Moreover, dynamic addition and removal of files should be supported in practice. However, to our knowledge, there does not exist a searchable symmetric encryption scheme that can support many properties such as more than three functions in all the aforementioned operations. In this paper, we propose an efficient multi-functional searchable symmetric encryption scheme that can support wildcard search, similarity search including hamming distance and edit distance, fuzzy keyword search and disjunctive keyword search simultaneously. In the new scheme, the trapdoor changes with various search requests and it enumerates all possibilities of the keyword of the trapdoor. Moreover, we use an array instead of a matrix to reduce the storage, and the scheme can be constructed efficiently in terms of both computational and space complexity. Our scheme is based on the Bloom filter, and it is secure against non-adaptive chosen keyword attack. With the dynamic technique for the inverted index, our scheme can support dynamic operation such as addition and removal of data files, which can also be secure against adaptive chosen keyword attack. Copyright © 2015 John Wiley & Sons, Ltd.

Published

2015

173. Fastest Access of Secured Data in Cloud storage by using Attribute-based Encryption

Author

Ramiz Shaikh and Ankit Dongre

Subjects

Cloud computing security, business.industry, Computer science, Homomorphic encryption, Client-side encryption, Cloud computing, computer.software_genre, Encryption, Computer security, Disk encryption hardware, Filesystem-level encryption, 40-bit encryption, 56-bit encryption, Keyfile, Link encryption, Attribute-based encryption, On-the-fly encryption, business, computer, Cloud storage, Computer network

Abstract

Cloud security is the most critical task while considering its working environment, i.e. outsourced, distributed and utility based. In such cases making the users data confidential, increases the trust over the system. Also the security procedure does not make the availability affected in any ways. The users of these kind of systems is always retained the services and securities preliminaries with respect to the data itself. As the cloud user can access its data frequently and if here some encryption is used which requires decryption and the repetitive process continues to increase the overheads. It requires some mechanism in which encryption is performed and if the user requires to perform some operations on secure file without decrypting it can be fulfilled. Thus homomorphic encryption lets the user facilitates about the performing operations on encrypted data which reduces the complexity of confidentiality operations. Also to prevent Cloud Servers from being able to learn both the data file contents and user access privilege information used to generate key along with the fastest access of secured data by using Attribute-based encryption (ABE).

Published

2015

174. Physical layer encryption scheme using finite‐length polar codes

Author

Mohammad Reza Aref, Reza Hooshmand, and Taraneh Eghlidos

Subjects

Theoretical computer science, business.industry, Computer science, Data_CODINGANDINFORMATIONTHEORY, Encryption, Computer Science Applications, Symmetric-key algorithm, Probabilistic encryption, 56-bit encryption, Key (cryptography), 40-bit encryption, Attribute-based encryption, Electrical and Electronic Engineering, business, Key size, Computer network

Abstract

In this study, by exploiting the properties of finite-length polar codes, the authors introduce a physical layer encryption scheme to make secure (from a computational security perspective) and efficient communication between a sender (Alice) and a legitimate receiver (Bob) against both active and passive attacks, simultaneously. To prevent active attacks, two techniques are considered: (i) a novel method is introduced to keep the generator matrix of polar code secret from an active attacker (Oscar); (ii) a proper joint polar encoding/encryption algorithm based on the hidden generator matrix is introduced. Two additional strategies are considered against passive attacks: (i) a new method is introduced to partition the bit-channels into good and bad bit-channels and then the scrambled information bits are transmitted over those bit-channels that are good for Bob but bad for a passive attacker (Eve); (ii) the secret key cryptography is implemented at the physical layer, such that Eve cannot decode the eavesdropped data without the knowledge of the secret key shared between the authorised parties. Besides, this study discusses efficiency analysis results consisting key size, error performance and computational complexity of the proposed scheme.

Published

2015

175. Revisiting Attribute-Based Encryption With Verifiable Outsourced Decryption

Author

Hui Ma, Rui Zhang, Shuai Lin, and Ming-Wei Wang

Subjects

Theoretical computer science, Plaintext-aware encryption, Computer Networks and Communications, Computer science, Data_CODINGANDINFORMATIONTHEORY, Encryption, computer.software_genre, Computer security, Multiple encryption, Filesystem-level encryption, Ciphertext, Key encapsulation, Safety, Risk, Reliability and Quality, business.industry, Client-side encryption, Plaintext, Deterministic encryption, Symmetric-key algorithm, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Commitment scheme, Verifiable secret sharing, Link encryption, Attribute-based encryption, On-the-fly encryption, business, computer

Abstract

Attribute-based encryption (ABE) is a promising technique for fine-grained access control of encrypted data in a cloud storage, however, decryption involved in the ABEs is usually too expensive for resource-constrained front-end users, which greatly hinders its practical popularity. In order to reduce the decryption overhead for a user to recover the plaintext, Green et al. suggested to outsource the majority of the decryption work without revealing actually data or private keys. To ensure the third-party service honestly computes the outsourced work, Lai et al. provided a requirement of verifiability to the decryption of ABE, but their scheme doubled the size of the underlying ABE ciphertext and the computation costs. Roughly speaking, their main idea is to use a parallel encryption technique, while one of the encryption components is used for the verification purpose. Hence, the bandwidth and the computation cost are doubled. In this paper, we investigate the same problem. In particular, we propose a more efficient and generic construction of ABE with verifiable outsourced decryption based on an attribute-based key encapsulation mechanism, a symmetric-key encryption scheme and a commitment scheme. Then, we prove the security and the verification soundness of our constructed ABE scheme in the standard model. Finally, we instantiate our scheme with concrete building blocks. Compared with Lai et al. ’s scheme, our scheme reduces the bandwidth and the computation costs almost by half.

Published

2015

176. Attacks on the Authenticated Encryption Mode of Operation PAE

Author

Debrup Chakraborty and Mridul Nandi

Subjects

Authenticated encryption, Block cipher mode of operation, Key Wrap, Computer science, Sponge function, Cryptography, Library and Information Sciences, Computer security, computer.software_genre, Encryption, Watermarking attack, Multiple encryption, Authentication, business.industry, Computer Science Applications, Disk encryption theory, Deterministic encryption, Disk encryption, Probabilistic encryption, OCB mode, 56-bit encryption, 40-bit encryption, On-the-fly encryption, business, computer, Information Systems, Computer network

Abstract

We show several concrete attacks on an authenticated encryption (AE) scheme PAE, which appeared in the IEEE TRANSACTIONS ON INFORMATION THEORY, vol. 56, no. 8, pp. 4025–4037. In addition, we show some flaws and oversights in the analysis (presented in the same paper) used to prove PAE to be a secure AE scheme.

Published

2015

177. Parallel search over encrypted data under attribute based encryption on the Cloud Computing

Author

Abdellah Kaci and Thouraya Bouabana-Tebibel

Subjects

Cryptographic access control, Plaintext-aware encryption, General Computer Science, Computer science, Cloud computing, Access control, computer.software_genre, Encryption, Computer security, Disk encryption hardware, Multiple encryption, Filesystem-level encryption, business.industry, Client-side encryption, Disk encryption theory, Bus encryption, Disk encryption, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Link encryption, Attribute-based encryption, On-the-fly encryption, business, Law, computer, Computer network

Abstract

Data confidentiality in the Cloud Computing is a very challenging task. Encryption is one of the most secure methods ensuring this task, and searchable encryption techniques are used to search on encrypted data without the need for decryption. But, despite this secure measure some leaks may appear when searching over data. In this article, we propose to improve confidentiality of outsourced data. We are particularly interested in reinforcing the access control on the search result, when the search is performed over encrypted data. The property behind this aspect of security is known as ACAS (Access Control Aware Search) principle. We present a hybridization of Searchable Encryption and Attribute Based Encryption techniques in order to satisfy the ACAS property. The proposed model supports a personalized and secure multi-user access to outsourced data, presenting high search performance. It deals with multi-keywords searches and is designed to speed up the search time by taking advantage of High Performance Computing, which is widely used in Cloud Computing. Two Attribute Based Encryption techniques are considered on the side of the Cloud and some conducted experiments show the efficiency of the proposed method.

Published

2015

178. A novel authenticated encryption scheme and its extension

Author

Jianhong Zhang, Cheng Ji, and Xubing Zhao

Subjects

Authenticated encryption, Information Systems and Management, business.industry, Computer science, Distributed computing, Data_MISCELLANEOUS, Sponge function, Encryption, computer.software_genre, Computer Science Applications, Theoretical Computer Science, Random oracle, Deterministic encryption, Multiple encryption, Filesystem-level encryption, Digital signature, Artificial Intelligence, Control and Systems Engineering, Probabilistic encryption, 56-bit encryption, 40-bit encryption, On-the-fly encryption, business, computer, Software

Abstract

An authenticated encryption scheme is a message transmission scheme, which can send a message in a secure and authentic way, and allows the specified recipient to simultaneously recover and verify the validity of a message. In the large message transmission, traditional authenticated encryption schemes have the disadvantages that communication overheads and the computation costs are too high. In this work, we propose a secure authentication encryption scheme and show that the scheme is secure in the random oracle model. In comparison with Lv et al.'s scheme and Li et al.'s scheme, our proposed scheme is the most efficient one in terms of computation complexity and communication cost. Finally, we extend our proposed scheme to adapt to the authenticated encryption for a large message, which is secure against the message block being reordered, replicated or partially deleted during transmission.

Published

2015

179. Fully secure anonymous spatial encryption under affine space delegation functionality revisited

Author

Ratna Dutta and Y. Sreenivasa Rao

Subjects

Plaintext-aware encryption, Computer Networks and Communications, Computer science, business.industry, Computer security, computer.software_genre, Encryption, Multiple encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Attribute-based encryption, Safety, Risk, Reliability and Quality, Semantic security, business, computer, Software

Abstract

Recently, in Information Sciences, Zhang et?al. (2014) claimed that they proposed the first anonymous spatial encryption under affine space delegation functionality with full security, which solves the open problems of full security proposed in Boneh and Hamburg (2008) and anonymity left in Boneh and Hamburg (2008) and Moriyama and Doi (2011). In this paper, we show their construction cannot achieve recipient anonymity as the ciphertext terms leak information about the encryption vector. Hence realizing anonymous spatial encryption with full security is still an open problem. We propose a new fully secure anonymous spatial encryption under an affine space delegation mechanism that addresses the open problem positively. Our construction utilizes composite order bilinear groups where the group order is a product of four primes and achieves the same efficiency as that of the Zhang et?al. (2014) construction. Under some well-established cryptographic assumptions, the proposed construction is proven to be fully semantically secure with anonymity in the standard model within the dual encryption system framework.

Published

2015

180. A shareable keyword search over encrypted data in cloud computing

Author

Hung-Min Sun, Raylin Tso, Chi-Yao Weng, Lun-Pin Yuan, Li Xu, and Mu-En Wu

Subjects

Information privacy, Computer science, Access control, Cloud computing, Cryptography, 02 engineering and technology, computer.software_genre, Encryption, Theoretical Computer Science, Filesystem-level encryption, Server, 0202 electrical engineering, electronic engineering, information engineering, Database, business.industry, Client-side encryption, 020206 networking & telecommunications, ID-based encryption, Hardware and Architecture, 40-bit encryption, 56-bit encryption, 020201 artificial intelligence & image processing, On-the-fly encryption, business, computer, Cloud storage, Software, Information Systems, Computer network

Abstract

Cloud storage is one of the most important applications in our daily lives. User can store their own data into cloud storage and remotely access the saved data. Owing to the social media develops, users can share the digital files to other users, leading to the amount of data growing rapidly and searching abilities necessarily. In the some cases, servers cannot avoid data leakage even if the server provides complete access control. The encrypted data is a best way to resolve this problem but it may eliminate original structure and searching may become impossible. Applying searchable encryption for each receiver may produce messy duplication and occupy the quota of cloud storage from each receiver. User requires keeping their shared documents belonging up to date which are compared with the latest version. To this aim, we thus propose a sharable ID-based encryption with keyword search in cloud computing environment, which enables users to search in data owners’ shared storage while preserving privacy of data. For the performance analysis, we demonstrate the compared resultant with others ID-based or ID-relative encryption. In addition to that, we show the formal proof to verify the security of our proposed.

Published

2015

181. A Systematic Assessment of the Security of Full Disk Encryption

Author

Felix C. Freiling and Tilo Müller

Subjects

business.industry, Computer science, Client-side encryption, Computer security, computer.software_genre, Encryption, Disk encryption hardware, Disk encryption theory, Disk encryption, Strong cryptography, 56-bit encryption, Electrical and Electronic Engineering, On-the-fly encryption, business, computer

Abstract

Organizations as well as private users frequently report the loss and theft of mobile devices such as laptops and smartphones. The threat of data exposure in such scenarios can be mitigated by protection mechanisms based on encryption. Full disk encryption (FDE) is an effective method to protect data against unauthorized access. FDE can generally be classified into software- and hardware-based solutions. We assess the practical security that users can expect from these FDE solutions regarding physical access threats. We assume that strong cryptography like AES cannot be broken but focus on vulnerabilities arising from practical FDE implementations. We present the results of a comprehensive and systematic comparison of the security of software- and hardware-based FDE. Thereby, we exhibit attacks on widespread FDE standards in many common scenarios and different system configurations. As a result, we show that neither software- nor hardware-based FDE provides perfect security, nor is one clearly superior to the other.

Published

2015

182. Simple Matrix – A Multivariate Public Key Cryptosystem (MPKC) for Encryption

Author

Albrecht Petzoldt, Jintai Ding, Chengdong Tao, and Hong Xiang

Subjects

Algebra and Number Theory, Theoretical computer science, business.industry, Applied Mathematics, General Engineering, Encryption, Theoretical Computer Science, Deterministic encryption, Multiple encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Attribute-based encryption, business, Multivariate cryptography, Mathematics

Abstract

Proposal of a new multivariate encryption scheme.Improvement of the SimpleMatrix scheme of PQCrypto 2013.Faster decryption.Probability of decryption failures is reduced. Multivariate cryptography is one of the main candidates to guarantee the security of communication in the presence of quantum computers. While there exist a large number of secure and efficient multivariate signature schemes, the number of practical multivariate encryption schemes is somewhat limited. In this paper we present our results on creating a new multivariate encryption scheme, which is an extension of the original SimpleMatrix encryption scheme of PQCrypto 2013. Our scheme allows fast en- and decryption and resists all known attacks against multivariate cryptosystems. Furthermore, we present a new idea to solve the decryption failure problem of the original SimpleMatrix encryption scheme.

Published

2015

183. Security Analysis on One-to-Many Order Preserving Encryption-Based Cloud Data Search

Author

Weiming Zhang, Nenghai Yu, Ce Yang, and Ke Li

Subjects

Information retrieval, Computer Networks and Communications, business.industry, Computer science, Client-side encryption, Encryption, computer.software_genre, Watermarking attack, Deterministic encryption, Multiple encryption, Filesystem-level encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Link encryption, Data mining, Attribute-based encryption, On-the-fly encryption, Safety, Risk, Reliability and Quality, business, computer

Abstract

For ranked search in encrypted cloud data, order preserving encryption (OPE) is an efficient tool to encrypt relevance scores of the inverted index. When using deterministic OPE, the ciphertexts will reveal the distribution of relevance scores. Therefore, Wang et al. proposed a probabilistic OPE, called one-to-many OPE, for applications of searchable encryption, which can flatten the distribution of the plaintexts. In this paper, we proposed a differential attack on one-to-many OPE by exploiting the differences of the ordered ciphertexts. The experimental results show that the cloud server can get a good estimate of the distribution of relevance scores by a differential attack. Furthermore, when having some background information on the outsourced documents, the cloud server can accurately infer the encrypted keywords using the estimated distributions.

Published

2015

184. Security analysis of a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme

Author

Minqian Wang, Zhenfeng Zhang, and Cheng Chen

Subjects

020203 distributed computing, Computer Networks and Communications, Computer science, Privacy software, business.industry, Data_MISCELLANEOUS, Client-side encryption, 02 engineering and technology, Computer security, computer.software_genre, Encryption, Computer Science Applications, Theoretical Computer Science, Identifier, Computational Theory and Mathematics, Probabilistic encryption, Ciphertext, 0202 electrical engineering, electronic engineering, information engineering, 56-bit encryption, 020201 artificial intelligence & image processing, Attribute-based encryption, business, computer, Software

Abstract

As it does not require a central authority or the cooperation among multiple authorities, decentralized attribute-based encryption is an efficient and flexible multi-authority attribute-based encryption system. In most existing multi-authority attribute-based encryption schemes, a global identifier GID is introduced to act as the linchpin to resist collusion attacks. Because GID as well as some sensitive attributes used to apply for secret keys will lead to the compromise of user's privacy, some schemes towards solving these privacy issues have been proposed. Nevertheless, only the privacy of GID was considered in prior works. Recently in ESORICS 2014, Han et al. put forward a privacy-preserving decentralized ciphertext-policy attribute-based encryption scheme in the standard model to address the additive privacy of attributes. In their work, a privacy-preserving key extract protocol is presented to protect both user's identifier and attributes. In this paper, we point out the security weakness of the scheme of Han et al. We present a collusion attack on their basic decentralized ciphertext-policy attribute-based encryption scheme and additionally show that the privacy protection of attributes in their privacy-preserving key extract protocol cannot be provided. Copyright © 2015 John Wiley & Sons, Ltd.

Published

2015

185. A Modified Advanced Encryption Standard Algorithm for Image Encryption

Author

Ari Shawkat Tahir

Subjects

business.industry, Computer science, Advanced Encryption Standard, Client-side encryption, Cryptography, Computer security, computer.software_genre, Encryption, Disk encryption theory, Computer engineering, 56-bit encryption, Advanced Encryption Standard process, business, computer, Block cipher

Abstract

Cryptography algorithms are becoming more necessary to ensure secure data transmission, which can be used in several applications. Increasing use of images in industrial process therefore it is essential to protect the confidential image data from unauthorized access. Advanced Encryption Standard (AES) is a well- known block cipher that has many benefits in data encryption process. In this paper, proposed some modification to the Advanced Encryption Standard (M-AES) to increase and reaching high level security and enhance image encryption. The modification is done by modifying the ShiftRow Transformation. Detailed results in terms of security analysis and implementation are given. Comparing the proposed algorithm with the original AES encryption algorithm shows that the proposed M-AES has more security from the cryptographic view and gives better result of security against statistical attack.

Published

2015

186. Compact Anonymous Hierarchical Identity-Based Encryption with Constant Size Private Keys: TABLE 1

Author

Yi Mu, Leyou Zhang, and Qing Wu

Subjects

Theoretical computer science, General Computer Science, business.industry, 020206 networking & telecommunications, 02 engineering and technology, Encryption, Computer security, computer.software_genre, Filesystem-level encryption, Probabilistic encryption, 0202 electrical engineering, electronic engineering, information engineering, 40-bit encryption, 56-bit encryption, Identity (object-oriented programming), 020201 artificial intelligence & image processing, business, Constant (mathematics), computer, Mathematics

Published

2015

187. XOR Encryption Versus Phase Encryption, an In-Depth Analysis

Author

Guang Gong and Fei Huo

Subjects

Theoretical computer science, Plaintext-aware encryption, Computer science, business.industry, Condensed Matter Physics, Encryption, Atomic and Molecular Physics, and Optics, Disk encryption theory, Multiple encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Link encryption, Electrical and Electronic Engineering, business, Algorithm

Abstract

Encryptions are used in almost all standards to ensure the confidentiality of the data. Encryptions can be and indeed are implemented in the different layers of a network protocol stack. Conventional encryption performs the bitwise XOR operation between one message bit and one key stream bit to generate one ciphertext bit. Huo et al. have recently proposed to provide confidentialities on the user data by performing the phase encryption on the time domain OFDM samples in LTE system. Phase encryption is performed on the modulated symbols, different from the bit level of XOR encryption, i.e., stream cipher encryption. In this paper, we extend their study. We first generalize the phase encryption to general communication systems independent of the underlying modulation scheme. Then, we formulate the mathematical models for XOR and phase encryptions. Based on our model, we compare these two encryption methods in terms of their security and encryption efficiency. We also show phase encryption can resist traffic analysis attack when implemented in the physical layer. Finally, we conduct simulations to compare the performance of these two methods in terms of their decoding symbol error rate.

Published

2015

188. Symmetric searchable encryption with efficient range query using multi-layered linked chains

Author

Ku-Young Chang, Nam-Su Jho, Changho Seo, and Dowon Hong

Subjects

Computer science, 02 engineering and technology, computer.software_genre, Encryption, Disk encryption hardware, Theoretical Computer Science, Public-key cryptography, Multiple encryption, Filesystem-level encryption, 0202 electrical engineering, electronic engineering, information engineering, 020203 distributed computing, Information retrieval, Cloud computing security, Database, business.industry, Client-side encryption, Cryptographic protocol, Disk encryption theory, Deterministic encryption, Symmetric-key algorithm, Disk encryption, Hardware and Architecture, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Keyfile, 020201 artificial intelligence & image processing, Attribute-based encryption, Link encryption, On-the-fly encryption, business, Cloud storage, computer, Software, Information Systems

Abstract

Searchable encryption is an encryption system which provides confidentiality of stored documents and usability of document search at the same time. Remote cloud storage is the most typical application for searchable encryption. By applying searchable encryption, inside attacks can be prevented fundamentally. Designing searchable encryption which supports various queries--for example, range query, conjunctive keyword query, etc.--is also important for convenience. In this paper, we focus on range query problem. Up to now, only a few results have been proposed, in which the main functions are constructed using public key cryptosystems. Therefore, the amount of computations for encryption and search is large. Furthermore, search time depends on the size of the entire database. We propose a new searchable encryption protocol which is based on a symmetric key encryption and linked chain structure instead of public key-based techniques. The main contribution of the protocol is reducing the computation cost for search remarkably. In reality, the amount of computations depends on the number of documents that are matched to a query instead of the size of the entire database.

Published

2015

189. An Efficient Hardware Implementation of Lightweight Block Cipher LEA-128/192/256 for IoT Security Applications

Author

Mi-Ji Sung and Kyung-Wook Shin

Subjects

General Computer Science, business.industry, Computer science, Encryption, Disk encryption hardware, Deterministic encryption, Multiple encryption, Disk encryption, Probabilistic encryption, Embedded system, Key (cryptography), 56-bit encryption, 40-bit encryption, business, Computer hardware, Block cipher

Abstract

This paper describes an efficient hardware implementation of lightweight encryption algorithm LEA-128/192/256 which supports for three master key lengths of 128/192/256-bit. To achieve area-efficient and low-power implementation of LEA crypto- processor, the key scheduler block is optimized to share hardware resources for encryption/decryption key scheduling of three master key lengths. In addition, a parallel register structure and novel operating scheme for key scheduler is devised to reduce clock cycles required for key scheduling, which results in an increase of encryption/decryption speed by 20~30%. The designed LEA crypto-processor has been verified by FPGA implementation. The estimated performances according to master key lengths of 128/192/256-bit are 181/162/109 Mbps, respectively, at 113 MHz clock frequency.

Published

2015

190. Public-key encryption for protecting data in cloud system with intelligent agents against side-channel attacks

Author

Yongbin Zhou, Shanqing Guo, Pengtao Liu, Chengyu Hu, Yilei Wang, and Qiuliang Xu

Subjects

Key Wrap, Plaintext-aware encryption, Blinding, Computer science, Data_MISCELLANEOUS, Hash function, 0102 computer and information sciences, 02 engineering and technology, computer.software_genre, Encryption, Computer security, 01 natural sciences, Disk encryption hardware, Theoretical Computer Science, Public-key cryptography, Multiple encryption, 0202 electrical engineering, electronic engineering, information engineering, Side channel attack, business.industry, Client-side encryption, Adversary, Computer security model, Disk encryption theory, Deterministic encryption, Disk encryption, Symmetric-key algorithm, 010201 computation theory & mathematics, Probabilistic encryption, Information leakage, 56-bit encryption, 40-bit encryption, 020201 artificial intelligence & image processing, Homomorphism, Geometry and Topology, Attribute-based encryption, Link encryption, On-the-fly encryption, business, computer, Software

Abstract

Public-key encryption can be used to protect the sensitive data in cloud system with intelligent mobile agents facilitating better services. However, many public-key encryption schemes do not resist the side-channel attacks which can be applied to the encryption instances implemented on a chip or cloud to obtain partial information leakage about the secret states, as the traditional security model of public-key encryption does not capture this kind of attacks. Also, the adversary can inject fault to tamper with the secret key and observe the output of the public-key encryption scheme under this modified key which is called "related-key attacks". Inspired by these, the models of key-leakage attacks and related-key attacks are formalized, respectively. In this paper, we present a method to construct public-key encryption schemes against both weak key-leakage attacks and linear related-key attacks from extractable hash proof systems (EHPS or XHPS). Specifically, we first transform ABOEHPS to weak leakage-resilient ABOEHPS and add Key Homomorphism and Fingerprinting properties to it. Then, based on this new ABOEHPS, we construct weak leakage-resilient adaptive trapdoor relation with these two properties and public-key encryption schemes against both weak key-leakage attacks and linear related-key attacks can be constructed from it. Moreover, we propose a public-key encryption scheme against both adaptive key-leakage attacks and linear related-key attacks.

Published

2015

191. A Secure Reconfigurable Crypto IC With Countermeasures Against SPA, DPA, and EMA

Author

Xingyuan Fu, Weiwei Shan, and Zhipeng Xu

Subjects

Engineering, business.industry, Advanced Encryption Standard, Encryption, Computer Graphics and Computer-Aided Design, International Data Encryption Algorithm, Watermarking attack, Multiple encryption, Power analysis, Embedded system, 56-bit encryption, 40-bit encryption, Electrical and Electronic Engineering, business, Software

Abstract

A secure reconfigurable cryptographic co-processor supporting multiple algorithms of advanced encryption standard (AES), data encryption standard (DES), rivest cipher 6, and international data encryption algorithm is proposed using its own reconfigurable feature to resist side-channel attack (SCA). It is integrated into a system-on-chip and fabricated in $0.18~\boldsymbol {\mu }\text{m}$ CMOS process with 1.8 V supply voltage and 100 MHz max frequency. Several kinds of specific countermeasures are proposed to hide leakage information by utilizing idle reconfigurable processing elements to do dummy operations. Its advantages lie in its little impact on area and frequency as well as high flexibility after silicon that countermeasures can also be reconfigured. Furthermore, different protections including several kinds of global countermeasures and encryption flow related countermeasures can be stacked, thus the security level can be tuned by trading for some performance or power consumption. Experimental SCA attack results show that it resists simple power analysis and differential power analysis without revealing the subkey. For correlation-based electromagnetic analysis (EMA) of DES configuration, it increases $36\boldsymbol {\times } $ measure to disclosure when applied with partial countermeasures compared to unprotected DES. As to AES configuration with full countermeasures, it resists EMA with no sign to reveal the right subkey for up to 1.2 million electromagnetic traces.

Published

2015

192. A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography

Author

Mohammad Sabzinejad Farash, Husnain Naqvi, Muhammad Sher, and Shehzad Ashraf Chaudhry

Subjects

Authenticated encryption, Authentication, Computer science, business.industry, Data_MISCELLANEOUS, Economics, Econometrics and Finance (miscellaneous), 020206 networking & telecommunications, 02 engineering and technology, Encryption, computer.software_genre, Computer security, Human-Computer Interaction, 0202 electrical engineering, electronic engineering, information engineering, 40-bit encryption, 56-bit encryption, 020201 artificial intelligence & image processing, On-the-fly encryption, Elliptic curve cryptography, business, computer, Computer network, Signcryption

Abstract

The use of e-payment system for electronic trade is on its way to make daily life more easy and convenient. Contrarily, there are a number of security issues to be addressed, user anonymity and fair exchange have become important concerns along with authentication, confidentiality, integrity and non-repudiation. In a number of existing e-payment schemes, the customer pays for the product before acquiring it. Furthermore, many such schemes require very high computation and communication costs. To address such issues recently Yang et al. proposed an authenticated encryption scheme and an e-payment scheme based on their authenticated encryption. They excluded the need of digital signatures for authentication. Further they claimed their schemes to resist replay, man-in-middle, impersonation and identity theft attack while providing confidentiality, authenticity, integrity and privacy protection. However our analysis exposed that Yang et al.'s both authenticated encryption scheme and e-payment system are vulnerable to impersonation attack. An adversary just having knowledge of public parameters can easily masquerade as a legal user. Furthermore, we proposed improved authenticated encryption and e-payment schemes to overcome weaknesses of Yang et al.'s schemes. We prove the security of our schemes using automated tool ProVerif. The improved schemes are more robust and more lightweight than Yang et al.'s schemes which is evident from security and performance analysis.

Published

2015

193. Substring-Searchable Symmetric Encryption

Author

Melissa Chase and Emily Shen

Subjects

cloud storage, Ethics, Theoretical computer science, business.industry, Computer science, suffix trees, QA75.5-76.95, Encryption, BJ1-1725, Substring, Multiple encryption, Filesystem-level encryption, Probabilistic encryption, Electronic computers. Computer science, 56-bit encryption, 40-bit encryption, General Earth and Planetary Sciences, Attribute-based encryption, searchable encryption, business, General Environmental Science, substring search

Abstract

In this paper, we consider a setting where a client wants to outsource storage of a large amount of private data and then perform substring search queries on the data – given a data string s and a search string p, find all occurrences of p as a substring of s. First, we formalize an encryption paradigm that we call queryable encryption, which generalizes searchable symmetric encryption (SSE) and structured encryption. Then, we construct a queryable encryption scheme for substring queries. Our construction uses suffix trees and achieves asymptotic efficiency comparable to that of unencrypted suffix trees. Encryption of a string of length n takes O(λn) time and produces a ciphertext of size O(λn), and querying for a substring of length m that occurs k times takes O(λm+k) time and three rounds of communication. Our security definition guarantees correctness of query results and privacy of data and queries against a malicious adversary. Following the line of work started by Curtmola et al. (ACM CCS 2006), in order to construct more efficient schemes we allow the query protocol to leak some limited information that is captured precisely in the definition. We prove security of our substring-searchable encryption scheme against malicious adversaries, where the query protocol leaks limited information about memory access patterns through the suffix tree of the encrypted string.

Published

2015

194. SKENO: Secret key encryption with non-interactive opening

Author

Atsuko Miyaji, Keita Emura, and Jiageng Chen

Subjects

business.industry, Applied Mathematics, Key distribution, Computer security, computer.software_genre, Encryption, Computer Science Applications, Computational Mathematics, Filesystem-level encryption, Probabilistic encryption, 40-bit encryption, 56-bit encryption, QA1-939, Attribute-based encryption, On-the-fly encryption, business, computer, iv-dependent stream cipher, 94a60, public/secret key encryption with non-interactive opening, verifiable random function, Mathematics

Abstract

In this paper, we introduce the notion of secret key encryption with non-interactive opening (SKENO). With SKENO, one can make a non-interactive proof π to show that the decryption result of a ciphertext C under a shared secret key K is indeed plaintext M without revealing K itself. SKENO is the secret key analogue of public key encryption with non-interactive opening (PKENO). We give a generic construction of SKENO from verifiable random function (VRF) with certain stronger uniqueness, for example, the Hohenberger–Waters VRF and the Berbain–Gilbert I V-dependent stream cipher construction. Although the strong primitive VRF is used, by taking advantage of the features of the stream cipher, we can still achieve good performance without sacrificing much of the efficiency. Though our VRF-based SKENO construction does not require random oracles, we show that SKENO can be constructed from weak VRF (which is strictly weaker primitive than VRF) in the random oracle model.

Published

2015

195. Cryptanalysis of chosen symmetric homomorphic schemes

Author

Serge Vaudenay and Damian Vizár

Subjects

Homomorphic secret sharing, Theoretical computer science, business.industry, key-recovery, General Mathematics, Symmetric cryptography, Homomorphic encryption, law.invention, Cryptanalysis, Symmetric-key algorithm, Probabilistic encryption, law, Known-plaintext attack, symmetric encryption, 40-bit encryption, 56-bit encryption, business, Computer Science::Cryptography and Security, Mathematics

Abstract

Since Gentry’s breakthrough result was introduced in the year 2009, the homomorphic encryption has become a very popular topic. The main contribution of Gentry’s thesis [5] was, that it has proven, that it actually is possible to design a fully homomorphic encryption scheme. However ground-breaking Gentry’s result was, the designs, that employ the bootstrapping technique suffer from terrible performance both in key generation and homomorphic evaluation of circuits. Some authors tried to design schemes, that could evaluate homomorphic circuits of arbitrarily many inputs without need of bootstrapping. This paper introduces the notion of symmetric homomorphic encryption, and analyses the security of four such proposals, published in three different papers ([2], [7], [10]). Our result is a known plaintext key-recovery attack on every one of these schemes.

Published

2015

196. Data Security using Compression and Cryptography Techniques

Author

Swarnalata Bollavarapu and Ruchita Sharma

Subjects

Authentication, business.industry, Computer science, Data security, Client-side encryption, Cryptography, Data_CODINGANDINFORMATIONTHEORY, Encryption, computer.software_genre, Computer security, Disk encryption hardware, Multiple encryption, Disk encryption, Probabilistic encryption, 56-bit encryption, 40-bit encryption, Cryptography law, On-the-fly encryption, business, computer

Abstract

Data is any type of stored digital information. Security is about the protection of assets. Data security refers to protective digital privacy measures that are applied to prevent unauthorized access to computers, databases and websites. Cryptography is evergreen and developments. Cryptography protects users by providing functionality for the encryption of data and authentication of other users. Compression is the process of reducing the number of bits or bytes needed to represent a given set of data. It allows saving more data. The project aims to implement various cryptography algorithm for data security. The data will be first compressed using compression techniques and then encryption techniques will applied and then comparative analysis will be carried out for different combinations of compression and encryption techniques. If encryption and compression are done at the same time then it takes less processing time and more speed.

Published

2015

197. Secure Cloud Computing with RC4 Encryption and Attack Detection Mechanism

Author

Laxmikant Mishra and Amit Kumar Sharma

Subjects

Data sharing, Upload, Computer science, business.industry, 56-bit encryption, Client-side encryption, Cloud computing, RC4, Computer security, computer.software_genre, Encryption, business, computer

Abstract

The growing requirement of system resources, memory requirement and huge space etc. have sprinted up the demand of cloud computing. The ease in the use and dynamic demand completion nature will also make it a future business platform. But we cannot forget the second side of the coin as the ease will comes with some negative cost. By the growing demand huge amount of data has been uploaded, update and shared. But data sharing and updating in the cloud environment may be risky. There are some trust mechanism should be there to secure the data. Our paper main motivation is to secure the sharing environment by sharing the data by the use of RC4 encryption and decryption mechanism. Then we have also detected the unauthorized data connection if there by our dynamic attack alert system.

Published

2015

198. An Experimental Comparison of Chaotic and Non-chaotic Image Encryption Schemes

Author

Seong Oun Hwang, Jawad Ahmad, and Arshad Ali

Subjects

Authentication, Plaintext-aware encryption, Computer science, business.industry, Encryption software, Advanced Encryption Standard, Client-side encryption, computer.software_genre, Encryption, Disk encryption hardware, Computer Science Applications, Disk encryption theory, Deterministic encryption, Multiple encryption, Disk encryption, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Attribute-based encryption, Link encryption, Electrical and Electronic Engineering, On-the-fly encryption, business, computer, Computer network

Abstract

During last few years, transmission of digital multimedia data (images, audios and videos) over Internet, wireless cell phones, television broadcasting etc., has been significantly evolved. The provision of security to store and transmit data with confidentiality, integrity, and authentication for multimedia data over wireless medium is attaining importance these days. Over a few decades, a number of image encryption schemes have been implemented, each with various features, pros and cons. So there is a need to carry out security analysis of these schemes through some standard parameters. In this paper, an effort is being made for comparison of traditional encryption algorithms via some security parameters rather than using just visual inspection. Through these security parameters, one can determine a better and highly secure image encryption scheme. Comparative analysis of Advanced Encryption Standard, Compression Friendly Encryption Scheme, Chaotically Coupled Chaotic Map Encryption Scheme and a Bernoulli Map Based Encryption Scheme are done. Results are finally compiled to conclude the optimum scheme to be used feasibly with high security level.

Published

2015

199. An Encryption Scheme Using Chaotic Map and Genetic Operations for Wireless Sensor Networks

Author

Vallipuram Muthukkumarasamy, Kamanashis Biswas, and Kalvinder Singh

Subjects

crossover, business.industry, Computer science, Cryptography, Encryption, Elliptic curve, Multiple encryption, Key distribution in wireless sensor networks, wireless sensor network, Cipher, Probabilistic encryption, 56-bit encryption, 40-bit encryption, data encryption, mutation, Electrical and Electronic Engineering, business, Instrumentation, Wireless sensor network, chaotic map, pseudorandom bit sequence generator, elliptic curve, Computer network, Block cipher

Abstract

Over the past decade, the application domain of wireless sensor networks has expanded steadily, ranging from environmental management to industry control, and from structural health monitoring to strategic surveillance. With the proliferation of sensor networks at home, work place, and beyond, securing data in the network has become a challenge. A number of security mechanisms have been proposed for sensor networks to provide data confidentiality: 1) advanced encryption system; 2) KATAN; 3) LED; and 4) TWINE. However, these schemes have drawbacks, including security vulnerabilities, need for hardware-based implementation, and higher computational complexity. To address these limitations, we propose a lightweight block cipher based on chaotic map and genetic operations. The proposed cryptographic scheme employs elliptic curve points to verify the communicating nodes and as one of the chaotic map parameters to generate the pseudorandom bit sequence. This sequence is used in XOR, mutation, and crossover operations in order to encrypt the data blocks. The experimental results based on Mica2 sensor mote show that the proposed encryption scheme is nine times faster than the LED protocol and two times faster than the TWINE protocol. We have also performed a number of statistical tests and cryptanalytic attacks to evaluate the security strength of the algorithm and found the cipher provably secure.

Published

2015

200. Anonymous protocols: Notions and equivalence

Author

Alfredo De Santis and Paolo D'Arco

Subjects

Key Wrap, Plaintext-aware encryption, General Computer Science, Computer science, Data_MISCELLANEOUS, Key distribution, Computer security, computer.software_genre, Encryption, Theoretical Computer Science, Public-key cryptography, Multiple encryption, Email encryption, Ciphertext, Chosen-ciphertext attack, Cryptographic primitive, business.industry, Client-side encryption, Adversary, Deterministic encryption, Ciphertext indistinguishability, Symmetric-key algorithm, Probabilistic encryption, 40-bit encryption, 56-bit encryption, Link encryption, Attribute-based encryption, On-the-fly encryption, business, computer, Broadcast encryption

Abstract

Privacy protection has become a major issue in modern societies. Many efforts have been provided in the last years to catch properly the requirements that cryptographic primitives and low-level protocols should meet in order to be useful for building privacy-preserving applications. In particular, anonymity is an important property to achieve, and the notion of key privacy in public-key encryption, which guarantees that an adversary is unable to tell with which public key a certain ciphertext has been produced, plays a key-role in the design of anonymous protocols.Secret sets and anonymous broadcast encryption are two examples of useful anonymous protocols. A secret set is a representation of a subset of users of a given universe satisfying some basic membership privacy properties, and anonymous broadcast encryption is a mechanism to encrypt a broadcast message that only authorized users, whose identities are kept secret, can decrypt.In this paper we show that, even if apparently the key privacy property of an encryption scheme seems to be unrelated to the security of the encrypted content, and it looks like just an additional property the encryption scheme can enjoy, for a robust encryption scheme key privacy under chosen ciphertext attack implies non-malleability and, hence, security under chosen ciphertext attacks. This result helps to simplify the set of requirements that public key encryption schemes need to satisfy when stating and proving theorems regarding anonymous protocols in which the encryption schemes are used.Then, we provide a formal model for both secret sets and anonymous broadcast encryption and we prove that they are equivalent with respect to non-adaptive adversaries: the former can be used to design the latter and vice versa.Finally, we revisit some previous constructions for secret sets, and we analyze the security properties they enjoy within our adversarial model.

Published

2015